Context Navigation

source: trunk/configure.ac@ 57

Last change on this file since 57 was 57, checked in by rainer, 18 years ago
Fix for manual, and tweks to include netbsd rc file. Also fix problem with the gpg checksum warning.
File size: 64.1 KB

Line
1
2	dnl We want to override the standard _AC_INIT_PARSE_ARGS
3	dnl
4	AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
5	AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
6
7	AC_INIT(src/samhain.c)
8
9
10	AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
11
12	dnl
13	dnl start
14	dnl
15	AM_INIT_AUTOMAKE(samhain, 2.2.3)
16	AC_CANONICAL_HOST
17
18	dnl
19	dnl checks for programs
20	dnl
21
22	AC_PROG_CC
23	AC_PROG_CPP
24	AC_PROG_INSTALL
25	AC_PROG_LN_S
26	AC_PROG_AWK
27	AC_PATH_PROG(cmd_hostname,hostname)
28	AC_SUBST(cmd_hostname)
29
30	GCC_STACK_PROTECT_CC
31
32	AC_HEADER_STDC
33	dnl
34	dnl first one is a dummy because of an autoconf bug
35	dnl (no HAVE_... for first one)
36	dnl
37	AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
38
39
40	AC_MSG_CHECKING([for host-specific issues])
41	mydebugflag=no
42	myneedg3=no
43	uid_cast="signed long"
44	selectconfig=linux
45	mynetbsd=no
46	sh_use_lcaps="undef"
47
48	case "$host_os" in
49
50	linux)
51	sh_use_lcaps="yes"
52	AC_DEFINE(HOST_IS_LINUX)
53	AC_DEFINE(HAVE_EXT2_IOCTLS)
54	AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
55	case "$host_cpu" in
56	i86)
57	AC_DEFINE(HOST_IS_I86LINUX)
58	;;
59	*)
60	;;
61	esac
62	;;
63
64	osf)
65	AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
66	if test "x$GCC" != "xyes"; then
67	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
68	CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
69	myneedg3=yes
70	AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
71	else
72	AC_MSG_RESULT(none)
73	fi
74	;;
75
76	cygwin)
77	AC_DEFINE(HOST_IS_CYGWIN)
78	AC_MSG_RESULT(CYGWIN do not check for trusted paths)
79	;;
80
81	darwin)
82	AC_DEFINE(HOST_IS_DARWIN)
83	AC_MSG_RESULT(DARWIN check resource forks)
84	;;
85
86	freebsd)
87	AC_DEFINE(HOST_IS_FREEBSD)
88	selectconfig=freebsd
89	AC_MSG_RESULT(none)
90	;;
91
92	openbsd)
93	selectconfig=freebsd
94	AC_MSG_RESULT(none)
95	;;
96
97	netbsd)
98	mynetbsd=yes
99	selectconfig=netbsd
100	AC_MSG_RESULT(NETBSD bug with libresolve)
101	;;
102
103	solaris)
104	selectconfig=solaris
105	AC_DEFINE(HOST_IS_SOLARIS)
106	case "$host_cpu" in
107	i*86)
108	AC_DEFINE(HOST_IS_I86SOLARIS)
109	AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
110	;;
111	*)
112	AC_MSG_RESULT(none)
113	;;
114	esac
115	if test "x$GCC" != "xyes"; then
116	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
117	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
118	fi
119	if test -z "`echo "$CFLAGS" \| grep "\-xO2" 2> /dev/null`"; then
120	CFLAGS="$CFLAGS -xO2"
121	fi
122	if test -z "`echo "$CFLAGS" \| grep "\-Xa" 2> /dev/null`"; then
123	CFLAGS="$CFLAGS -Xa"
124	fi
125	LIBS="-lc $LIBS"
126	fi
127	;;
128
129
130	sun)
131	selectconfig=solaris
132	AC_DEFINE(HOST_IS_SOLARIS)
133	AC_MSG_RESULT(none)
134	;;
135
136	aix)
137	AC_DEFINE(HOST_IS_AIX)
138	selectconfig=aix5.2.0
139	uid_cast="unsigned long"
140	if test "x$GCC" != "xyes"; then
141	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
142	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
143	fi
144	if test -z "`echo "$CFLAGS" \| grep "\-O3" 2> /dev/null`"; then
145	CFLAGS="$CFLAGS -O3"
146	fi
147	if test -z "`echo "$CFLAGS" \| grep "\-qstrict" 2> /dev/null`"; then
148	CFLAGS="$CFLAGS -qstrict"
149	fi
150	AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
151	else
152	AC_MSG_RESULT(AIX size_t in the accept call)
153	fi
154	;;
155
156	hpux)
157	AC_MSG_RESULT(HPUX has not always h_errno defined)
158	AC_DEFINE(HOST_IS_HPUX)
159	if test "x$GCC" != "xyes"; then
160	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
161	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
162	fi
163	if test -z "`echo "$CFLAGS" \| grep "\-fast" 2> /dev/null`"; then
164	CFLAGS="$CFLAGS -fast"
165	fi
166	fi
167	;;
168
169	ultrix)
170	AC_MSG_RESULT(ULTRIX getcwd uses popen)
171	AC_DEFINE(HAVE_BROKEN_GETCWD)
172	;;
173
174	*)
175	AC_MSG_RESULT(none)
176	;;
177	esac
178
179	AC_SUBST(selectconfig)
180	AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
181
182
183	dnl *****************************************
184	dnl
185	dnl checks for header files
186	dnl
187	dnl *****************************************
188
189	AC_HEADER_DIRENT
190	AC_HEADER_MAJOR
191	AC_HEADER_TIME
192	dnl used in minilzo.c
193	AC_HEADER_STAT
194	AC_DECL_SYS_SIGLIST
195
196	AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
197	sys/vfs.h \
198	sys/select.h sys/socket.h netinet/in.h \
199	regex.h glob.h \
200	linux/ext2_fs.h ext2fs/ext2_fs.h \
201	elf.h linux/elf.h \
202	paths.h arpa/nameser.h arpa/nameser_compat.h,
203	[],
204	[],
205	[#include <sys/types.h>]
206	)
207
208
209	AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
210	if test "x$sh_utmpx" = "xyes"; then
211	if cat "/usr/include/utmpx.h" 2>&5 \|
212	egrep "WTMPX_FILE" >/dev/null 2>&1; then
213	AC_DEFINE(HAVE_UTMPX_H)
214	AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
215	AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
216	AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
217	AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
218	else
219	AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
220	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
221	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
222	fi
223	else
224	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
225	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
226	fi
227
228	dnl need to check because AIX 4.2 does not have it
229	dnl
230	AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
231	#ifdef HAVE_SYS_TYPES_H
232	#include <sys/types.h>
233	#endif
234	#ifdef HAVE_SYS_STAT_H
235	#include <sys/stat.h>
236	#endif
237	#ifdef HAVE_SYS_VFS_H
238	#include <sys/vfs.h>
239	#endif
240	#ifdef HAVE_UNISTD_H
241	#include <unistd.h>
242	#endif
243	])
244
245	AC_SYS_LARGEFILE
246
247	dnl
248	dnl check whether _POSIX_SOURCE is required
249	dnl
250	SAMHAIN_POSIX
251
252
253	dnl *****************************************
254	dnl
255	dnl Checks for library functions.
256	dnl
257	dnl *****************************************
258	AC_FUNC_STRFTIME
259	AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
260	gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
261	seteuid setreuid setresuid lstat getwd getcwd ptrace \
262	usleep setpriority getpeereid nanosleep \
263	strptime basename sched_yield \
264	inet_aton gethostbyname setutent setrlimit gethostname uname \
265	initgroups getpagesize \
266	ttyname fchmod
267	)
268	AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
269	SL_CHECK_VA_COPY
270	AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
271	AC_CHECK_MLOCK
272
273	AC_MSG_CHECKING(how to get filesystem type)
274	fstype=no
275	# The order of these tests is important.
276	AC_TRY_CPP([#include <sys/statvfs.h>
277	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
278	if test $fstype = no; then
279	AC_TRY_CPP([#include <sys/statfs.h>
280	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
281	fi
282	if test $fstype = no; then
283	AC_TRY_CPP([#include <sys/statfs.h>
284	#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
285	fi
286	if test $fstype = no; then
287	AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
288	fi
289	if test $fstype = no; then
290	AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
291	fi
292	if test $fstype = no; then
293	AC_TRY_CPP([#include <sys/mount.h>
294	#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
295	fi
296	AC_MSG_RESULT($fstype)
297
298	sh_libsocket=
299
300	dnl Solaris needs -lsocket and -lnsl. Unisys system includes
301	dnl gethostbyname in libsocket but needs libnsl for socket.
302	AC_CHECK_LIB(nsl, gethostbyname)
303	AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
304	if test x$ac_need_libsocket = x1; then
305	LIBS="$LIBS -lsocket"
306	sh_libsocket="-lsocket"
307	fi
308	if test x$ac_try_nsl = x1; then
309	AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
310	if test x$ac_need_libnsl = x1
311	then
312	LIBS="$LIBS -lnsl"
313	fi
314	fi
315	AC_SUBST(sh_libsocket)
316
317	AC_CHECK_LIB(socket, res_search, [
318	AC_CHECK_LIB(resolv, dn_skipname)
319	AC_CHECK_LIB(resolv, __dn_skipname)
320	if test x$ac_need_libsocket = x1; then
321	:
322	else
323	LIBS="$LIBS -lsocket"
324	fi
325	], [
326	AC_CHECK_LIB(resolv, res_search, [
327	LIBS="$LIBS -lresolv"
328	], [
329	AC_CHECK_LIB(resolv, dn_skipname)
330	AC_CHECK_LIB(resolv, __dn_skipname)
331	])
332	])
333
334	dnl arguments for accept
335
336	dnl check for Unix98 socklen_t (found on
337	dnl xemacs-patches mailing list, written
338	dnl by Martin Buchholz)
339	dnl
340	dnl On Darwin(MacOSX) socklen_t needs to be
341	dnl an int (see accept man page), on all other
342	dnl unix systems we need a size_t.
343
344	AC_MSG_CHECKING(for socklen_t)
345	AC_TRY_COMPILE([
346	#ifdef HAVE_SYS_TYPES_H
347	#include <sys/types.h>
348	#endif
349	#ifdef HAVE_SYS_SOCKET_H
350	#include <sys/socket.h>
351	#endif
352	socklen_t x;
353	], [],[
354	AC_MSG_RESULT(yes)
355	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
356	AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
357	],[
358	AC_TRY_COMPILE([
359	#ifdef HAVE_SYS_TYPES_H
360	#include <sys/types.h>
361	#endif
362	#ifdef HAVE_SYS_SOCKET_H
363	#include <sys/socket.h>
364	#endif
365	int accept (int, struct sockaddr , size_t );
366	],[],[
367	AC_MSG_RESULT(size_t)
368	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
369	], [
370	AC_MSG_RESULT(int)
371	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
372	]
373	)
374	])
375
376
377	dnl *****************************************
378	dnl checks for typedefs
379	dnl *****************************************
380
381	AC_C_LONG_DOUBLE
382	SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
383	if test "$sh_HAVE_LONG_LONG" = "yes"; then
384	AC_CHECK_SIZEOF(unsigned long long, 4)
385	if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
386	AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
387	fi
388	fi
389
390	AC_CHECK_TYPE(ptrdiff_t, long)
391	AC_TYPE_SIZE_T
392	AC_CHECK_SIZEOF(char *, 4)
393	AC_CHECK_SIZEOF(size_t, 4)
394
395	AC_CHECK_SIZEOF(unsigned long, 4)
396	AC_CHECK_SIZEOF(unsigned int , 4)
397	AC_CHECK_SIZEOF(unsigned short, 2)
398
399
400	if test "$ac_cv_sizeof_unsigned_long" = "4"; then
401	AC_DEFINE(HAVE_LONG_32)
402	fi
403	if test "$ac_cv_sizeof_unsigned_long" = "8"; then
404	AC_DEFINE(HAVE_LONG_64)
405	fi
406	if test "$ac_cv_sizeof_unsigned_int" = "4"; then
407	AC_DEFINE(HAVE_INT_32)
408	fi
409
410	dnl
411	dnl For Alpha
412	dnl
413	if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
414	AC_DEFINE(HAVE_INT_32)
415	fi
416	if test "$ac_cv_sizeof_unsigned_short" = "4"; then
417	AC_DEFINE(HAVE_SHORT_32)
418	fi
419
420	dnl
421	dnl check for 64 bit programming environment
422	dnl
423	SAMHAIN_64
424
425
426	dnl *****************************************
427	dnl checks for structures
428	dnl *****************************************
429
430	AC_STRUCT_TM
431
432	dnl
433	dnl from e2fsprogs
434	dnl
435	AC_MSG_CHECKING(whether struct stat has a st_flags field)
436	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
437	AC_TRY_COMPILE([#include <sys/stat.h>],
438	[struct stat stat; stat.st_flags = 0;],
439	[e2fsprogs_cv_struct_st_flags=yes],
440	[e2fsprogs_cv_struct_st_flags=no]))
441	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
442	if test "$e2fsprogs_cv_struct_st_flags" = yes; then
443	AC_MSG_CHECKING(whether st_flags field is useful)
444	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
445	AC_TRY_COMPILE([#include <sys/stat.h>],
446	[struct stat stat; stat.st_flags \|= UF_IMMUTABLE;],
447	[e2fsprogs_cv_struct_st_flags_immut=yes],
448	[e2fsprogs_cv_struct_st_flags_immut=no]))
449	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
450	if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
451	AC_DEFINE(HAVE_STAT_FLAGS)
452	fi
453	fi
454
455	dnl
456	dnl from dbus
457	dnl
458	AC_MSG_CHECKING(for struct cmsgcred)
459	AC_TRY_COMPILE([
460	#include <sys/types.h>
461	#include <sys/socket.h>
462	],[
463	struct cmsgcred cred;
464
465	cred.cmcred_pid = 0;
466	],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
467	AC_MSG_RESULT($sh_have_struct_cmsgcred)
468
469	if test x$sh_have_struct_cmsgcred = xyes; then
470	AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
471	fi
472
473	AC_MSG_CHECKING(for struct fcred)
474	AC_TRY_COMPILE([
475	#include <sys/param.h>
476	#include <sys/socket.h>
477	#include <sys/ucred.h>
478	],[
479	struct fcred sockcred;
480	],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
481	AC_MSG_RESULT($sh_have_struct_fcred)
482
483	if test x$sh_have_struct_fcred = xyes; then
484	AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
485	fi
486
487	AC_MSG_CHECKING(for struct sockcred)
488	AC_TRY_COMPILE([
489	#include <sys/param.h>
490	#include <sys/socket.h>
491	#include <sys/ucred.h>
492	],[
493	struct sockcred sockcred;
494	],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
495	AC_MSG_RESULT($sh_have_struct_sockcred)
496
497	if test x$sh_have_struct_sockcred = xyes; then
498	AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
499	fi
500
501	AC_MSG_CHECKING(for SO_PEERCRED)
502	AC_TRY_COMPILE([
503	#include <sys/types.h>
504	#include <sys/socket.h>
505	],[
506	int test = SO_PEERCRED;
507	],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
508	AC_MSG_RESULT($sh_have_SO_PEERCRED)
509
510	if test x$sh_have_SO_PEERCRED = xyes; then
511	AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
512	fi
513
514
515	dnl *****************************************
516	dnl checks for compiler characteristics
517	dnl *****************************************
518	AC_C_INLINE
519	AC_C_CONST
520	AC_C_BIGENDIAN
521
522	AM_SA_SIGACTION_WORKS
523
524	dnl *****************************************
525	dnl
526	dnl checks for system services
527	dnl
528	dnl *****************************************
529
530	dnl
531	dnl check for GNU gmp
532	dnl
533	AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
534	if test "x${sh_have_gmp}" = xno
535	then
536	AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
537	fi
538	if test "x${sh_have_gmp}" = xyes
539	then
540	# LIBS="-lgmp $LIBS"
541	AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
542	fi
543	AC_CHECK_HEADERS(gmp.h)
544
545
546	dnl *****************************************
547	dnl
548	dnl enable features
549	dnl
550	dnl *****************************************
551
552	AC_ARG_ENABLE(db-reload,
553	[ --enable-db-reload enable database reload on SIGHUP [no]],
554	[
555	if test "x${enable_db_reload}" = xyes; then
556	AC_DEFINE(RELOAD_DATABASE)
557	fi
558	]
559	)
560
561	AC_ARG_ENABLE(xml-log,
562	[ --enable-xml-log enable XML logfile format [[no]]],
563	[
564	if test "x${enable_xml_log}" = xyes; then
565	AC_DEFINE(SH_USE_XML)
566	fi
567	]
568	)
569
570
571	AC_ARG_ENABLE(mail,
572	[ --disable-mail disable the internal SMTP mailer],
573	[
574	if test "x${enable_mail}" = xno; then
575	:
576	else
577	AC_DEFINE(SH_WITH_MAIL)
578	fi
579	],
580	[AC_DEFINE(SH_WITH_MAIL)]
581	)
582
583	AC_ARG_ENABLE(external-scripts,
584	[ --disable-external-scripts disable interface to external scripts],
585	[
586	if test "x${enableval}" = xno; then
587	:
588	else
589	AC_DEFINE(WITH_EXTERNAL)
590	fi
591	],
592	[AC_DEFINE(WITH_EXTERNAL)]
593	)
594
595	AC_ARG_ENABLE(message-queue,
596	[ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
597	[
598	if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
599	if test "x${enable_message_queue}" = xyes; then
600	AC_DEFINE(WITH_MESSAGE_QUEUE)
601	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
602	elif test "x${enable_message_queue}" != xno; then
603	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
604	AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
605	echo "${enableval}" \| \
606	grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 \|\|
607	AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
608	AC_DEFINE(WITH_MESSAGE_QUEUE)
609	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
610	fi
611	else
612	echo
613	echo "**********************************************"
614	echo
615	AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
616	echo
617	echo "**********************************************"
618	echo
619	fi
620	]
621	)
622
623	AC_ARG_WITH(cflags,
624	[ --with-cflags additional flags to pass to compiler],
625	[
626	if test "x$withval" != "xno" ; then
627	CFLAGS="$CFLAGS $withval"
628	fi
629	]
630	)
631	AC_ARG_WITH(libs,
632	[ --with-libs additional libraries to link with],
633	[
634	if test "x$withval" != "xno" ; then
635	LIBS="$LIBS $withval"
636	fi
637	]
638	)
639
640
641	#
642	# this is from ssh
643	#
644	AC_MSG_CHECKING(whether to use libwrap)
645	LIBWRAP_LIB=""
646	LIBWRAP_INC=""
647	AC_ARG_WITH(libwrap,
648	[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
649	[ AC_MSG_RESULT($withval)
650	case "$withval" in
651	no)
652	;;
653	""\|yes)
654	LIBWRAP_LIB="-lwrap"
655	;;
656	*)
657	if test -d "$withval"; then
658	LIBWRAP_LIB="-L$withval -lwrap"
659	changequote(<<, >>)dnl
660	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
661	LIBWRAP_INC="-I${sh_libwrap_inc}/include"
662	changequote([, ])dnl
663	else
664	LIBWRAP_LIB="-lwrap"
665	changequote(<<, >>)dnl
666	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
667	LIBWRAP_INC="-I${sh_libwrap_inc}"
668	changequote([, ])dnl
669	fi
670	;;
671	esac
672	if test -n "$LIBWRAP_LIB"; then
673	# OLDLIBS="$LIBS"
674	LIBS="$LIBWRAP_LIB $LIBS"
675	# OLDCFLAGS="$CFLAGS"
676	CFLAGS="$CFLAGS $LIBWRAP_INC"
677	AC_CHECK_HEADER(tcpd.h,
678	[],
679	[ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
680	AC_TRY_LINK([ #include <tcpd.h>
681	int allow_severity; int deny_severity; ],
682	[ hosts_access((struct request_info *) 0); ],
683	[ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
684	[ AC_MSG_ERROR([Could not find the libwrap library.]) ])
685	fi ],
686	AC_MSG_RESULT(no)
687	)
688
689
690	#
691	# this is from the snort configure.in
692	#
693	AC_DEFUN(FAIL_MESSAGE,[
694	echo
695	echo
696	echo "**********************************************"
697	echo " ERROR: unable to find" $1
698	echo " checked in the following places"
699	for i in `echo $2`; do
700	echo " $i"
701	done
702	echo "**********************************************"
703	echo
704	exit
705	])
706
707	AC_ARG_WITH(libprelude-prefix,
708	[ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
709	libprelude_config_prefix="$withval", libprelude_config_prefix="")
710
711	AC_MSG_CHECKING(whether to use prelude)
712	AC_ARG_WITH(prelude,
713	[ --with-prelude Prelude IDS support [[no]]],
714	[
715	if test "x${withval}" = "xno"; then
716	AC_MSG_RESULT(no)
717	else
718	AC_MSG_RESULT(yes)
719	if test x$libprelude_config_prefix != x ; then
720	if test x${LIBPRELUDE_CONFIG+set} != xset ; then
721	LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
722	fi
723	fi
724
725	AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
726	if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
727	HAVE_PRELUDE_CONFIG=no
728	else
729	HAVE_PRELUDE_CONFIG=yes
730	fi
731	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
732	if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
733	sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
734	case "$sh_libprelude_version" in
735	0.8*)
736	sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
737	sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
738	LIBS="$LIBS ${sh_prelude_libs}"
739	CFLAGS="$CFLAGS ${sh_prelude_cflags}"
740	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
741	AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
742	;;
743	*)
744	AM_PATH_LIBPRELUDE([0.9.6],
745	[
746	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
747	AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
748	CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
749	LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
750	LIBS="$LIBS $LIBPRELUDE_LIBS"
751	],
752	[
753	AC_MSG_ERROR([Could not find libprelude.])
754	])
755	;;
756	esac
757	else
758	AC_MSG_ERROR([Could not find libprelude.])
759	fi
760	fi
761	],
762	[
763	AC_MSG_RESULT(no)
764	]
765	)
766
767	dnl AC_MSG_CHECKING(whether to use prelude)
768	dnl AC_ARG_WITH(prelude,
769	dnl [ --with-prelude Prelude IDS support [[no]]],
770	dnl [
771	dnl if test "x${withval}" = "xno"; then
772	dnl AC_MSG_RESULT(no)
773	dnl else
774	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
775	dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
776	dnl sh_prelude_libs=`libprelude-config --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
777	dnl sh_prelude_cflags=`libprelude-config --cflags`
778	dnl LIBS="$LIBS ${sh_prelude_libs}"
779	dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
780	dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
781	dnl else
782	dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
783	dnl fi
784	dnl fi
785	dnl ],
786	dnl AC_MSG_RESULT(no)
787	dnl )
788
789	AC_ARG_ENABLE(static,
790	[ --enable-static enable static linking (recommended) [[no]]],
791	[
792	if test x$enable_static = xyes; then
793	if test x"$mynetbsd" = xyes
794	then
795	tmp_LIBS=`echo $LIBS \| sed 's%\-lresolv%%' `
796	LIBS="${tmp_LIBS}"
797	fi
798	AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
799	if test "x$GCC" = "xyes"; then
800	LDFLAGS="$LDFLAGS -static"
801	else
802	case "$host_os" in
803
804	aix)
805	LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
806	;;
807
808	hpux)
809	LDFLAGS="$LDFLAGS -Wl,-a,archive"
810	;;
811
812	osf)
813	LDFLAGS="$LDFLAGS -non_shared"
814	;;
815
816	irix)
817	LDFLAGS="$LDFLAGS -non_shared"
818	;;
819
820	sco)
821	LDFLAGS="$LDFLAGS -dn"
822	;;
823
824	sun)
825	LDFLAGS="$LDFLAGS -Bstatic"
826	;;
827
828	solaris)
829	LDFLAGS="$LDFLAGS -Bstatic"
830	;;
831
832	*)
833	echo "***********************************************"
834	echo "*"
835	echo "* Don't know how to enable static linking"
836	echo "* with your compiler. Please set the environment"
837	echo "* variable LDFLAGS to:"
838	echo "* ${LDFLAGS} + the static linking flag"
839	echo "* and run configure again"
840	echo "*"
841	echo "***********************************************"
842	;;
843
844	esac
845	fi
846	fi
847	]
848	)
849
850	#
851	# partly based on the snort configure.in
852	#
853	AC_ARG_WITH(database,
854	[ --with-database=[[mysql\|postgresql\|oracle\|odbc]] database support [[no]]],
855	[
856	if test x"$enable_xml_log" != xyes; then
857	AC_MSG_ERROR([--with-database: --enable-xml-log required])
858	fi
859	if test "x${withval}" = "xmysql"; then
860	AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
861	if test "$HAVE_MYSQL_CONFIG" = "yes"; then
862	# echo "mysql_config found"
863	sh_mysql_libs="`mysql_config --libs`"
864	# echo ${sh_mysql_libs}
865	sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
866	# echo $mysql_libs
867	# save_libs="$LIBS"
868	# LIBS="$LIBS `mysql_config --libs`"
869	# echo $LIBS
870	LIBS="$LIBS ${sh_mysql_libs}"
871	# echo $LIBS
872	sh_mysql_cflags="`mysql_config --cflags`"
873	sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
874	# CFLAGS="$CFLAGS `mysql_config --cflags`"
875	# CFLAGS="$CFLAGS ${sh_mysql_cflags}"
876	CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
877	else
878	AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
879	mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
880
881	for i in $mysql_directory; do
882	if test -r $i/include/mysql/mysql.h; then
883	MYSQL_DIR=$i
884	MYSQL_INC_DIR=$i/include
885	# we use AC_CHECK_HEADERS to check for mysql/mysql.h
886	fi
887	done
888	if test -z "$MYSQL_DIR"; then
889	for i in $mysql_directory; do
890	if test -r $i/include/mysql.h; then
891	MYSQL_DIR=$i
892	MYSQL_INC_DIR=$i/include
893	fi
894	done
895	fi
896
897	if test -z "$MYSQL_DIR"; then
898	tmp=""
899	for i in $mysql_directory; do
900	tmp="$tmp $i/include $i/include/mysql"
901	done
902	FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
903	fi
904
905	for i in lib lib/mysql; do
906	str="$MYSQL_DIR/$i/libmysqlclient.*"
907	for j in `echo $str`; do
908	if test -r $j; then
909	MYSQL_LIB_DIR="$MYSQL_DIR/$i"
910	break 2
911	fi
912	done
913	done
914
915	if test -z "$MYSQL_LIB_DIR"; then
916	for ff in $mysql_directory; do
917	for i in lib lib/mysql; do
918	str="$ff/$i/libmysqlclient.*"
919	for j in `echo $str`; do
920	if test -r $j; then
921	MYSQL_LIB_DIR="$ff/$i"
922	break 3
923	fi
924	done
925	done
926	done
927	fi
928
929	if test -z "$MYSQL_LIB_DIR"; then
930	tmp=""
931	for i in $mysql_directory; do
932	tmp="$i/lib $i/lib/mysql"
933	done
934	FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
935	fi
936
937	AC_MSG_RESULT(yes)
938	LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
939	# CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
940	CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
941	fi
942	AC_DEFINE(WITH_MYSQL)
943	AC_DEFINE(WITH_DATABASE)
944	AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
945	AC_MSG_CHECKING(for zlib)
946	if test "$zlib_cv_libz" = "yes"
947	then
948	LIBS="$LIBS -lz -lm"
949	AC_MSG_RESULT(ok)
950	else
951	AC_MSG_RESULT(failed)
952	echo
953	echo " Either the mysql or the zlib library was not found"
954	echo " or was unusable, maybe because an old, incompatible"
955	echo " version is installed on your system, eg compiled from"
956	echo " source long time ago. See config.log for the error"
957	echo " message from the compiler."
958	echo " Please review your installed mysql and zlib libraries"
959	echo " and/or use --with-libs=-L/path/to/libdirectory"
960	echo " where libdirectory is the directory holding libmysql"
961	echo " or libz."
962	if test x"$enable_static" = xyes; then
963	echo " Note that for compiling a static binary, you need"
964	echo " the static libraries, rather than the shared ones."
965	fi
966	echo
967	AC_MSG_ERROR([libmysql or zlib not found or unuseable])
968	fi
969	AC_CHECK_HEADERS(mysql/mysql.h)
970	elif test "x${withval}" = "xpostgresql"; then
971	AC_DEFINE(WITH_POSTGRES)
972	AC_DEFINE(WITH_DATABASE)
973	#
974	PGCONF="no"
975	MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
976	OLD_IFS="$IFS"
977	IFS=":"
978	for ff in ${MY_PATH}
979	do
980	if test -f "$ff/pg_config"
981	then
982	PGCONF="$ff/pg_config"
983	fi
984	done
985	IFS="${OLD_IFS}"
986	#
987	#
988	if test "x${PGCONF}" = "xno"
989	then
990	AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
991	pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
992	for i in $pgsql_directory; do
993	if test -r $i/include/pgsql/libpq-fe.h; then
994	PGSQL_INC_DIR=$i/include
995	PGSQL_DIR=$i
996	# use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
997	fi
998	done
999	if test -z "$PGSQL_DIR"; then
1000	for i in $pgsql_directory; do
1001	if test -r $i/include/libpq-fe.h; then
1002	PGSQL_INC_DIR=$i/include
1003	PGSQL_DIR=$i
1004	fi
1005	done
1006	fi
1007
1008	if test -z "$PGSQL_DIR"; then
1009	tmp=""
1010	for i in $pgsql_directory; do
1011	tmp="$tmp $i/include $i/include/pgsql"
1012	done
1013	FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1014	fi
1015
1016	for i in lib lib/pgsql; do
1017	str="$PGSQL_DIR/$i/libpq.*"
1018	for j in `echo $str`; do
1019	if test -r $j; then
1020	PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1021	break 2
1022	fi
1023	done
1024	done
1025
1026	if test -z "$PGSQL_LIB_DIR"; then
1027	for ff in $pgsql_directory; do
1028	for i in lib lib/pgsql; do
1029	str="$ff/$i/libpq.*"
1030	for j in `echo $str`; do
1031	if test -r $j; then
1032	PGSQL_LIB_DIR="$ff/$i"
1033	break 3
1034	fi
1035	done
1036	done
1037	done
1038	fi
1039
1040	if test -z "$PGSQL_LIB_DIR"; then
1041	tmp=""
1042	for i in $pgsql_directory; do
1043	tmp="$i/lib $i/lib/pgsql"
1044	done
1045	FAIL_MESSAGE("postgresql library libpq", $tmp)
1046	fi
1047
1048	AC_MSG_RESULT(yes)
1049
1050	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1051	if test x"$enable_static" = xyes; then
1052	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1053	else
1054	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1055	fi
1056	# CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1057	CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1058	AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1059	else
1060	pg_lib_dir=`${PGCONF} --libdir`
1061	if test x"$enable_static" = xyes; then
1062	LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1063	else
1064	LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1065	fi
1066	pg_inc_dir=`${PGCONF} --includedir`
1067	# CFLAGS="$CFLAGS -I${pg_inc_dir}"
1068	CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1069	fi
1070	elif test "x${withval}" = "xodbc"; then
1071	AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1072	odbc_directory="/usr /usr/local"
1073
1074	for i in $odbc_directory; do
1075	if test -r $i/include/sql.h; then
1076	if test -r $i/include/sqlext.h; then
1077	if test -r $i/include/sqltypes.h; then
1078	ODBC_DIR=$i
1079	ODBC_INC_DIR=$i/include
1080	fi
1081	fi
1082	fi
1083	done
1084
1085	if test -z "$ODBC_DIR"; then
1086	tmp=""
1087	for i in $odbc_directory; do
1088	tmp="$tmp $i/include"
1089	done
1090	FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1091	fi
1092
1093	str="$ODBC_DIR/lib/libodbc.*"
1094	for j in `echo $str`; do
1095	if test -r $j; then
1096	ODBC_LIB_DIR="$ODBC_DIR/lib"
1097	ODBC_LIB="odbc"
1098	fi
1099	done
1100
1101	if test -z "$ODBC_LIB_DIR"; then
1102	FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1103	fi
1104
1105	AC_MSG_RESULT(yes)
1106	CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1107	LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1108	AC_DEFINE(WITH_ODBC)
1109	AC_DEFINE(WITH_DATABASE)
1110
1111	elif test "x${withval}" = "xoracle"; then
1112	AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1113	oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1114	for i in $oracle_directory; do
1115	if test -r $i/rdbms/demo/oci.h; then
1116	ORACLE_DIR=$i
1117	fi
1118	done
1119
1120	if test -z "$ORACLE_DIR"; then
1121	tmp=""
1122	for i in $oracle_directory; do
1123	tmp="$tmp $i/rdbms/demo"
1124	done
1125	FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1126	else
1127	for i in rdbms/demo rdbms/public network/public; do
1128	ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1129	done
1130	ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1131	AC_MSG_RESULT(yes)
1132
1133	CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1134
1135	ORACLE_LIBS="-lclntsh"
1136	if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1137	ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1138	elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1139	ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1140	fi
1141	LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1142	if test "x$GCC" != "xyes"; then
1143	CFLAGS="${CFLAGS} -fno-strict-aliasing"
1144	fi
1145	fi
1146	AC_DEFINE(WITH_ORACLE)
1147	AC_DEFINE(WITH_DATABASE)
1148
1149	else
1150	AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1151	fi
1152	]
1153	)
1154
1155	AC_ARG_WITH(console,
1156	[ --with-console=PATH set path to console device [[/dev/console]]],
1157	[
1158	if test "x${withval}" != xno; then
1159	mycons="$withval"
1160	AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1161	fi
1162	])
1163
1164	AC_ARG_WITH(altconsole,
1165	[ --with-altconsole=PATH set path to second console device [[none]]],
1166	[
1167	if test "x${withval}" != xno; then
1168	myaltcons="$withval"
1169	else
1170	myaltcons="NULL"
1171	fi
1172	],
1173	[myaltcons="NULL"])
1174	AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1175
1176	AC_ARG_WITH(timeserver,
1177	[ --with-timeserver=HOST set host address for time server [[none]]],
1178	[
1179	if test "x${withval}" != xno; then
1180	mytimeserv="$withval"
1181	AC_DEFINE(HAVE_NTIME)
1182	else
1183	mytimeserv="NULL"
1184	fi
1185	],
1186	mytimeserv="NULL")
1187	AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1188
1189	AC_ARG_WITH(alttimeserver,
1190	[ --with-alttimeserver=HOST set address for backup time server [[none]]],
1191	[
1192	if test "x${withval}" != xno; then
1193	myalttimeserv="$withval"
1194	AC_DEFINE(HAVE_NTIME)
1195	else
1196	myalttimeserv="NULL"
1197	fi
1198	],
1199	myalttimeserv="NULL")
1200	AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1201
1202	AC_ARG_ENABLE(login-watch,
1203	[ --enable-login-watch watch for login/logout [[no]]],
1204	[
1205	if test "x${enable_login_watch}" = xyes; then
1206	AC_DEFINE(SH_USE_UTMP)
1207	fi
1208	]
1209	)
1210
1211	AC_ARG_ENABLE(mounts-check,
1212	[ --enable-mounts-check check mount options on filesystems [[no]]],
1213	[
1214	if test "x${enable_mounts_check}" = xyes; then
1215	AC_DEFINE(SH_USE_MOUNTS)
1216	fi
1217	]
1218	)
1219
1220	AC_ARG_ENABLE(userfiles,
1221	[ --enable-userfiles check for users' config files [[no]]],
1222	[
1223	if test "x${enableval}" = "xyes"; then
1224	AC_DEFINE(SH_USE_USERFILES)
1225	fi
1226	]
1227	)
1228
1229	AC_ARG_ENABLE(debug,
1230	[ --enable-debug enable debug options [[no]]],
1231	[
1232	if test "x${enable_debug}" = "xyes"; then
1233	if test "x${mydebugflag}" != "xyes"; then
1234	AC_DEFINE(MEM_DEBUG)
1235	fi
1236	AC_DEFINE(WITH_TPT)
1237	AC_DEFINE(SL_DEBUG)
1238	AC_DEFINE(SL_FAIL_ON_ERROR)
1239	if test "x${myneedg3}" = "xyes"; then
1240	mydebugdef="-g3"
1241	else
1242	mydebugdef="-g"
1243	fi
1244	mydebugit="yes"
1245	fi
1246	]
1247	)
1248	AC_SUBST(mydebugdef)
1249
1250	AC_ARG_ENABLE(ptrace,
1251	[ --enable-ptrace use anti-debugger options [[no]]],
1252	[
1253	if test "x${enable_ptrace}" = xyes; then
1254	if test "x$mydebugit" != "xyes"; then
1255	AC_DEFINE(SCREW_IT_UP)
1256	fi
1257	fi
1258	]
1259	)
1260
1261	dnl
1262	if test "x$GCC" = "xyes"; then
1263	if test ! -z "`echo "$CFLAGS" \| grep "\-g\ " 2> /dev/null`" ; then
1264	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
1265	fi
1266
1267	dnl if test ! -z "`echo "$CFLAGS" \| grep "\-O2" 2> /dev/null`" ; then
1268	dnl CFLAGS=`echo $CFLAGS \| sed 's%\-O2%\-O3%' `
1269	dnl fi
1270
1271	if test -z "`echo "$CFLAGS" \| grep "\-Wall" 2> /dev/null`" ; then
1272	CFLAGS="$CFLAGS -Wall -W "
1273	fi
1274
1275	if test -z "`echo "$CFLAGS" \| grep "\-fstrength\-reduce" 2> /dev/null`"
1276	then
1277	if test -z "`echo "$CFLAGS" \| grep "\-fno\-strength\-reduce" 2> /dev/null`"
1278	then
1279	CFLAGS="$CFLAGS -fno-strength-reduce"
1280	fi
1281	fi
1282
1283	if test -z "`echo "$CFLAGS" \| grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1284	then
1285	if test -z "`echo "$CFLAGS" \| grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1286	then
1287	CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1288	fi
1289	fi
1290
1291	fi
1292
1293	AC_MSG_CHECKING([which random module to use])
1294	AC_ARG_WITH(rnd,
1295	[ --with-rnd=[[egd\|unix\|dev\|default]] random number generator [[default]]],
1296	[use_static_rnd=$withval], [use_static_rnd=default] )
1297
1298	if test "$use_static_rnd" = no; then
1299	use_static_rnd=default
1300	fi
1301
1302	case "$use_static_rnd" in
1303	egd \| dev \| unix \| default )
1304	AC_MSG_RESULT($use_static_rnd)
1305	;;
1306	* )
1307	AC_MSG_RESULT([invalid argument])
1308	AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1309	;;
1310	esac
1311
1312	AC_ARG_WITH(egd-socket,
1313	[ --with-egd-socket=NAME EGD socket name],
1314	egd_socket_name="$withval", egd_socket_name="" )
1315	AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1316
1317	dnl
1318	dnl See whether the user wants to disable checking for /dev/random
1319
1320	try_dev_random=yes
1321
1322	case "$use_static_rnd" in
1323	dev \| default )
1324	try_dev_random=yes
1325	;;
1326	egd)
1327	AC_DEFINE(HAVE_EGD_RANDOM)
1328	try_dev_random=no
1329	;;
1330	unix)
1331	AC_DEFINE(HAVE_UNIX_RANDOM)
1332	try_dev_random=no
1333	;;
1334	esac
1335
1336
1337	if test "x$try_dev_random" = "xyes"; then
1338	AC_MSG_CHECKING(whether /dev/random exists)
1339	if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1340	AC_DEFINE(HAVE_URANDOM)
1341	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1342	AC_MSG_RESULT(yes)
1343	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1344	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1345	fi
1346	else
1347	if test -r "/dev/random" && test -c "/dev/random"; then
1348	AC_DEFINE(HAVE_URANDOM)
1349	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1350	AC_MSG_RESULT(yes)
1351	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1352	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1353	fi
1354	else
1355	AC_MSG_RESULT(no)
1356	AC_DEFINE(HAVE_UNIX_RANDOM)
1357	fi
1358	fi
1359	fi
1360
1361
1362	dnl
1363	dnl NETWORK OPTIONS
1364	dnl
1365
1366
1367	AC_ARG_ENABLE(network,
1368	[ --enable-network=[[client\|server]] compile client or server [[no]]],
1369	[
1370	if test "x$enable_network" = xclient; then
1371	mytclient="-DSH_WITH_CLIENT"
1372	yulectl_prg=
1373	setpwd_prg="samhain_setpwd"
1374	sh_main_prg="samhain"
1375	if test "x${sh_have_gmp}" = xyes
1376	then
1377	LIBS="-lgmp $LIBS"
1378	fi
1379	dnl AC_CHECK_HEADER(sys/capability.h,
1380	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1381	dnl [sh_use_lcaps="no"])
1382	elif test "x$enable_network" = xserver; then
1383	mytclient="-DSH_WITH_SERVER"
1384	yulectl_prg="yulectl"
1385	setpwd_prg="samhain_setpwd"
1386	sh_main_prg="yule"
1387	if test "x${sh_have_gmp}" = xyes
1388	then
1389	LIBS="-lgmp $LIBS"
1390	fi
1391	sh_use_lcaps="undef"
1392	elif test "x$enable_network" = xno; then
1393	mytclient="-DSH_STANDALONE"
1394	yulectl_prg=
1395	setpwd_prg=
1396	sh_main_prg="samhain"
1397	dnl AC_CHECK_HEADER(sys/capability.h,
1398	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1399	dnl [sh_use_lcaps="no"])
1400	else
1401	AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1402	fi
1403	],
1404	[
1405	mytclient="-DSH_STANDALONE"
1406	setpwd_prg=
1407	yulectl_prg=
1408	sh_main_prg="samhain"
1409	dnl AC_CHECK_HEADER(sys/capability.h,
1410	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1411	dnl [sh_use_lcaps="no"])
1412	],
1413	)
1414	AC_SUBST(setpwd_prg)
1415	AC_SUBST(yulectl_prg)
1416	AC_SUBST(sh_main_prg)
1417	AC_SUBST(mytclient)
1418
1419	# needed for the rpm spec
1420	clmytclient=`echo ${mytclient} \| sed s%\-%%`
1421	AC_SUBST(clmytclient)
1422
1423	AC_ARG_ENABLE(udp,
1424	[ --enable-udp server can listen on port 514/udp [[no]]],
1425	[
1426	if test "x${enable_udp}" = xyes; then
1427	AC_DEFINE(INET_SYSLOG)
1428	fi
1429	]
1430	)
1431
1432	myencrypt=yes
1433	AC_ARG_ENABLE(encrypt,
1434	[ --disable-encrypt disable client/server encryption],
1435	[
1436	if test "x${enable_encrypt}" = xno; then
1437	myencrypt=no
1438	elif test "x${enable_encrypt}" = "x1"; then
1439	myencrypt=1
1440	fi
1441	]
1442	)
1443	if test "x${myencrypt}" = "xyes"; then
1444	AC_DEFINE(SH_ENCRYPT)
1445	AC_DEFINE(SH_ENCRYPT_2)
1446	elif test "x${myencrypt}" = "x1"; then
1447	AC_DEFINE(SH_ENCRYPT)
1448	fi
1449
1450	sh_use_srp_proto=yes
1451	AC_ARG_ENABLE(srp,
1452	[ --disable-srp disable SRP for authentication],
1453	[
1454	if test "x${enable_srp}" = xno; then
1455	sh_use_srp_proto=no
1456	fi
1457	]
1458	)
1459	if test "x${sh_use_srp_proto}" = xyes; then
1460	AC_DEFINE(USE_SRP_PROTOCOL)
1461	fi
1462
1463	AC_ARG_WITH(port,
1464	[ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1465	[
1466	echo "${withval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1467	AC_MSG_ERROR([--with-port: PORT must be numeric])
1468	myport=${withval}
1469	],
1470	[myport="49777"])
1471	AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1472	AC_SUBST(myport)
1473
1474	AC_ARG_WITH(logserver,
1475	[ --with-logserver=HOST set host address for log server [[none]]],
1476	[
1477	case "$withval" in
1478	. \| localhost)
1479	mylogsrv="$withval"
1480	;;
1481	*)
1482	mylogsrv="$withval"
1483	;;
1484	esac
1485	],
1486	[mylogsrv="NULL"])
1487	AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1488	AC_SUBST(mylogsrv)
1489
1490	AC_ARG_WITH(altlogserver,
1491	[ --with-altlogserver=HOST set address for backup log server [[none]]],
1492	[
1493	case "$withval" in
1494	. \| localhost)
1495	myaltlogsrv="$withval"
1496	;;
1497	*)
1498	myaltlogsrv="$withval"
1499	;;
1500	esac
1501	],
1502	[myaltlogsrv="NULL"])
1503	AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1504
1505
1506
1507	dnl
1508	dnl STEALTH OPTIONS
1509	dnl
1510	nocl_code=
1511	xor_code=0
1512	AC_ARG_ENABLE(nocl,
1513	[ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1514	[
1515	if test "x${enableval}" != "x"; then
1516	AC_DEFINE(SH_STEALTH_NOCL)
1517	fi
1518	if test "x${enableval}" = "xstop" \|\| test "x${enableval}" = "xstart"; then
1519	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1520	fi
1521	if test "x${enableval}" = "xreload" \|\| test "x${enableval}" = "xrestart"; then
1522	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1523	fi
1524	if test "x${enableval}" = "xstatus"; then
1525	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1526	fi
1527	if test "x${enableval}" = "xno"; then
1528	AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1529	fi
1530	nocl_code="${enable_nocl}"
1531	]
1532	)
1533	AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1534	AC_SUBST(nocl_code)
1535	AC_ARG_ENABLE(stealth,
1536	[ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1537	[AC_DEFINE(SH_STEALTH)
1538	if test "x${enableval}" != "xyes"; then
1539	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1540	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1541	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1542	if test x"${enableval}" = x0
1543	then
1544	:
1545	else
1546	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1547	fi
1548	fi
1549	xor_code="${enable_stealth}"
1550	else
1551	xor_code=0
1552	fi
1553	stegin_prg="samhain_stealth"
1554	],
1555	[
1556	stegin_prg=
1557	]
1558	)
1559	AC_ARG_ENABLE(micro-stealth,
1560	[ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1561	[
1562	AC_DEFINE(SH_STEALTH)
1563	AC_DEFINE(SH_STEALTH_MICRO)
1564	if test "x${enableval}" != "xyes"; then
1565	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1566	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1567	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1568	if test x"${enableval}" = x0
1569	then
1570	:
1571	else
1572	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1573	fi
1574	fi
1575	xor_code="${enable_micro_stealth}"
1576	else
1577	xor_code=0
1578	fi
1579	]
1580	)
1581	install_name="samhain"
1582	INSTALL_NAME="SAMHAIN"
1583	AC_ARG_ENABLE(install-name,
1584	[ --enable-install-name=NAME name under which to install [[samhain\|yule]]],
1585	[
1586	if test "x${enableval}" != "xyes"; then
1587	install_name="${enableval}"
1588	INSTALL_NAME=`echo "${enableval}" \| tr [a-z] [A-Z]`
1589	else
1590	install_name="${sh_main_prg}"
1591	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1592	fi
1593	],
1594	[
1595	install_name="${sh_main_prg}"
1596	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1597	]
1598	)
1599
1600
1601	need_user_install=0
1602
1603	AC_ARG_ENABLE(identity,
1604	[ --enable-identity=USER user if dropping root [[daemon]]],
1605	[
1606	if test x"$enableval" = xno; then
1607	myident="daemon"
1608	else
1609	myident="$enableval"
1610	fi
1611	echo "${myident}" \| grep ['[^0123456789]'] >/dev/null 2>&1 \|\| \
1612	AC_MSG_ERROR([--enable-identity: need username, not UID])
1613	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1614	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1615	if test x"${myident_uid}" = x; then
1616	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1617	need_user_install=1
1618	fi
1619	],
1620	[
1621	for myident in ${install_name} daemon nobody; do
1622	AC_MSG_CHECKING(for user ${myident})
1623	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1624	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1625	if test x"${myident_uid}" != x; then
1626	AC_MSG_RESULT(yes)
1627	break;
1628	else
1629	AC_MSG_RESULT(no)
1630	fi
1631	done
1632	if test x"${myident_uid}" = x; then
1633	myident=${install_name}
1634	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1635	need_user_install=1
1636	fi
1637	])
1638	AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1639	AC_SUBST(myident)
1640	AC_SUBST(need_user_install)
1641
1642	sh_insmod_cmd=": # no kernel module"
1643	sh_lkm=""
1644	lkm_inc=""
1645	khidemap="/boot/System.map"
1646	sh_syscalltable="0x0"
1647	AC_ARG_ENABLE(khide,
1648	[ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1649	[
1650	if test "x${enable_khide}" != xno; then
1651	if test "x${enableval}" != "xyes"; then
1652	khidemap="${enableval}"
1653	fi
1654	sh_syscalltable=`egrep '(D\|d\|R\|r) sys_call_table' ${khidemap} \| awk '{print $1}'`
1655	if test x"$sh_syscalltable" = x; then
1656	AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1657	fi
1658	sh_syscalltable="0x${sh_syscalltable}"
1659	install_name_len=`echo ${install_name} \| awk '{ print(length()); }'`
1660	if test "${install_name_len}" -gt 15 ; then
1661	AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1662	fi
1663	AC_DEFINE(SH_USE_LKM)
1664	AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1665
1666	# -- NEW --
1667	kernel_version=`uname -r \| sed s,2.6.*,LINUX26,`
1668	if test x"$kernel_version" = xLINUX26
1669	then
1670	sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} \| awk '{print $1}'`
1671	if test x"$sh_modlist_lock" = x; then
1672	AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1673	fi
1674	sh_modlist_lock="0x${sh_modlist_lock}"
1675	AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1676
1677	sh_list_modules=`egrep 'd modules$' ${khidemap} \| awk '{print $1}'`
1678	if test x"$sh_list_modules" = x; then
1679	AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1680	fi
1681	sh_list_modules="0x${sh_list_modules}"
1682	AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1683
1684	AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1685	sh_insmod_cmd="modprobe ${install_name}_hide"
1686	sh_lkm="samhain_hide.ko"
1687	else
1688	sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1689	sh_lkm="samhain_hide.o samhain_erase.o"
1690	fi
1691	# -- END NEW --
1692
1693	kvers=`uname -r`
1694	if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1695	lkm_inc="-I/lib/modules/${kvers}/build/include"
1696	else
1697	AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1698	AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1699	AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1700	fi
1701	sh_is_vanilla_kernel=yes
1702	if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1703	grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 \|\| sh_is_vanilla_kernel=no
1704	fi
1705	if test x"${sh_is_vanilla_kernel}" = xno; then
1706	echo "This is not a 2.4 vanilla kernel"
1707	else
1708	AC_DEFINE(SH_VANILLA_KERNEL)
1709	fi
1710	fi
1711	]
1712	)
1713	AC_SUBST(lkm_inc)
1714	AC_SUBST(sh_lkm)
1715	AC_SUBST(sh_insmod_cmd)
1716	AC_SUBST(install_name)
1717	AC_SUBST(INSTALL_NAME)
1718	AC_SUBST(stegin_prg)
1719	AC_SUBST(xor_code)
1720
1721	AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1722	AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1723
1724
1725	exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1726	exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1727	exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1728
1729	AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1730	AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1731	AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1732
1733
1734	AC_ARG_ENABLE(suidcheck,
1735	[ --enable-suidcheck check for suid/sgid files [[no]]],
1736	[
1737	if test "x${enableval}" = "xyes"; then
1738	AC_DEFINE(SH_USE_SUIDCHK)
1739	fi
1740	]
1741	)
1742
1743
1744	systemmap="/boot/System.map"
1745	sh_libkvm=""
1746	AC_ARG_WITH(kcheck,
1747	[ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1748	[
1749	if test "x${withval}" != "xno"; then
1750	AC_DEFINE(SH_USE_KERN)
1751	kernelversion=`uname -r`
1752	AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1753	if test "x${withval}" != "xyes"; then
1754	systemmap="${withval}"
1755	fi
1756	if test "x${cross_compiling}" = xyes; then
1757	:
1758	elif test "x$selectconfig" = "xfreebsd"; then
1759	LIBS="$LIBS -lkvm"
1760	sh_libkvm="-lkvm"
1761	elif test -f "${systemmap}"; then
1762	:
1763	else
1764	AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1765	fi
1766	fi
1767	]
1768	)
1769	AC_SUBST(systemmap)
1770	AC_SUBST(sh_libkvm)
1771
1772	AC_ARG_ENABLE(base,
1773	[ --enable-base=B1,B2 base key (0...2147483647)],
1774	[
1775	AC_MSG_CHECKING(base key setting)
1776	my_key_A=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $1}'`
1777	my_key_B=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $2}'`
1778	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1779	if test "x${my_key_A}" = x; then
1780	AC_MSG_ERROR([--enable-base: first base key has zero length])
1781	fi
1782	if test "x${my_key_B}" = x; then
1783	AC_MSG_ERROR([--enable-base: second base key has zero length])
1784	fi
1785	echo "${my_key_A}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1786	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1787	echo "${my_key_B}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1788	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1789	],
1790	[
1791	AC_MSG_CHECKING(base key setting .. collecting entropy)
1792	my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1793	my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1794	my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1795	my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1796	my_key_A=`expr $my_key_1 \* 32767`
1797	my_key_A=`echo ${my_key_A} \| sed 's%^0*%%g' 2>/dev/null`
1798	my_key_A=`expr $my_key_A \+ $my_key_2`
1799	my_key_B=`expr $my_key_3 \* 32767`
1800	my_key_B=`echo ${my_key_B} \| sed 's%^0*%%g' 2>/dev/null`
1801	my_key_B=`expr $my_key_B \+ $my_key_4`
1802	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1803	]
1804	)
1805	AC_SUBST(my_key_A)
1806	AC_SUBST(my_key_B)
1807
1808	dnl low bytes
1809	my_key_1=`expr $my_key_A \% 65536`
1810	dnl high bytes
1811	my_key_2=`expr $my_key_A \/ 65536`
1812	dnl low bytes
1813	my_key_3=`expr $my_key_B \% 65536`
1814	dnl high bytes
1815	my_key_4=`expr $my_key_B \/ 65536`
1816
1817	dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1818
1819	dnl touch ./sh_MK.h
1820	dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1821	dnl echo "#define SH_MK_H" >> ./sh_MK.h
1822	dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1823	dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1824	dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1825	dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1826	dnl echo "#endif" >> ./sh_MK.h
1827	AC_SUBST(my_key_1)
1828	AC_SUBST(my_key_2)
1829	AC_SUBST(my_key_3)
1830	AC_SUBST(my_key_4)
1831
1832	AC_MSG_CHECKING(key position)
1833	pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1834	pos_tf_2=`expr $pos_tf_1 \% 8`
1835	pos_tf=`expr $pos_tf_2 + 1`
1836	AC_MSG_RESULT(${pos_tf})
1837	AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1838
1839	mykeybase=`echo ${my_key_A},${my_key_B}`
1840	AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1841	AC_SUBST(mykeybase)
1842
1843
1844	dnl
1845	dnl GPG/PGP options
1846	dnl
1847
1848	AC_ARG_WITH(gpg,
1849	[ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1850	[
1851	if test "x${withval}" != "xno"; then
1852	if test "x${cross_compiling}" = xyes; then
1853	mygpg="${withval}"
1854	else
1855	if test -f "${withval}"; then
1856	mygpg="${withval}"
1857	mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1858	if test "x$?" != "x0"; then
1859	mychktest=no
1860	for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1861	if test x"${mychktest}" = xyes
1862	then
1863	:
1864	else
1865	if test -f ${sampre}
1866	then
1867	echo "use existing ${sampre} for gpg checksum"
1868	mychk0=`${sampre} -H ${withval} 2>/dev/null`
1869	if test "x$?" != "x0"; then
1870	:
1871	else
1872	mychk="${mychk0}"
1873	mychktest=yes
1874	fi
1875	fi
1876	fi
1877	done
1878	if test x${mychktest} = xno; then
1879	AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1880	echo "-------------------------------------------------------------"
1881	echo " Your gpg binary does not support the TIGER192 checksum, "
1882	echo " and I cannot find an existing samhain binary to use instead."
1883	echo " You can:"
1884	echo " (a) run make to compile a samhain binary, then repeat"
1885	echo " ./configure and make"
1886	echo " (b) ignore the failure. The checksum of the gpg binary"
1887	echo " will not get compiled in, thus allowing an attacker"
1888	echo " to replace gpg with a trojan and subverting the gpg"
1889	echo " signature verification of configure and database files."
1890	echo
1891	echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
1892	echo "-------------------------------------------------------------"
1893	fi
1894	else
1895	mychk="${mychk0}"
1896	fi
1897	else
1898	AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1899	fi
1900	fi
1901	AC_DEFINE(WITH_GPG)
1902	AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1903	AC_SUBST(mygpg)
1904	fi
1905	]
1906	)
1907
1908	dnl AC_ARG_WITH(pgp,
1909	dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1910	dnl [myppg="$withval"
1911	dnl AC_DEFINE(WITH_PGP)
1912	dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1913	dnl ])
1914
1915	AC_ARG_WITH(checksum,
1916	[ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1917	[
1918	if test "x${withval}" != "xno"; then
1919	if test "x${withval}" != "xyes"; then
1920	if test "x${mychk}" != "x"; then
1921	if test "x${mychk}" != "x${withval}"; then
1922	AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1923	AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1924	AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1925	fi
1926	fi
1927	mychk="${withval}"
1928	else
1929	if test "x${mychk}" = "x"; then
1930	AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1931	fi
1932	fi
1933	AC_DEFINE(HAVE_GPG_CHECKSUM)
1934	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1935	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1936	fi
1937	],
1938	[
1939	if test "x${mygpg}" != "x"; then
1940	if test "x${mychk}" != "x"; then
1941	AC_DEFINE(HAVE_GPG_CHECKSUM)
1942	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1943	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1944	fi
1945	fi
1946	]
1947	)
1948
1949	AC_ARG_WITH(fp,
1950	[ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1951	[
1952	if test "x${withval}" != "xno"; then
1953	if test "x${withval}" != "xyes"; then
1954	withval0=`echo ${withval} \| sed 's% %%g'`
1955	echo "${withval0}" \| \
1956	grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1957	AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1958	sh_len=`echo ${withval0} \| wc -c \| sed 's% %%g'`
1959	sh_len0=`expr ${sh_len} \- 1`
1960	if test "x${sh_len0}" = "x40" \|\| test "x${sh_len0}" = "x32"
1961	then
1962	myfp="${withval0}"
1963	AC_DEFINE(USE_FINGERPRINT)
1964	AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1965	echo "${myfp}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1966	else
1967	AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1968	fi
1969	else
1970	AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1971	fi
1972	fi
1973	])
1974
1975
1976	dnl
1977	dnl MAIL OPTIONS
1978	dnl
1979
1980	AC_ARG_WITH(recipient,
1981	[ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1982	[
1983	withval0=`echo ${withval} \| sed 's%,% %g'`
1984	for sh_item in ${withval0}
1985	do
1986	case ${sh_item} in
1987	*@localhost)
1988	;;
1989	@.*)
1990	sh_tmp=`echo ${sh_item} \| awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+\|[0-9]+)$/]) {print 1; } else { print 0}}'`
1991	if test "x${sh_tmp}" != "x1"
1992	then
1993	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1994	fi
1995	;;
1996	*)
1997	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1998	;;
1999	esac
2000	done
2001	myrcp="$withval0"
2002	],
2003	[myrcp="NULL"])
2004	AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2005
2006
2007	AC_ARG_WITH(sender,
2008	[ --with-sender=SENDER set sender for e-mail [[daemon]]],
2009	[
2010	mysender="${withval}"
2011	],
2012	[
2013	mysender="daemon"
2014	])
2015	AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2016
2017
2018	dnl
2019	dnl PATHS
2020	dnl
2021
2022	AC_ARG_WITH(trusted,
2023	[ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2024	[
2025	sh_tmp_test=no
2026	sh_tmp=`echo ${withval} \| sed 's%,% %g'`
2027	for sh_tmp1 in ${sh_tmp}
2028	do
2029	echo "${sh_tmp1}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2030	AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2031	if test "x${sh_tmp1}" = "x0"
2032	then
2033	sh_tmp_test=yes
2034	fi
2035	done
2036	if test "x${sh_tmp_test}" = "xno"
2037	then
2038	withval="0,${withval}"
2039	fi
2040	mytrust="${withval}"
2041	],
2042	[mytrust="0"] )
2043	AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2044	AC_SUBST(mytrust)
2045
2046	AC_ARG_WITH(tmp-dir,
2047	[ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2048	[
2049	if test "x${cross_compiling}" = xyes; then
2050	:
2051	else
2052	if test -d "${withval}"; then
2053	my_tmp_dir="$withval"
2054	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2055	else
2056	AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2057	fi
2058	fi
2059	]
2060	)
2061
2062	dnl
2063	dnl PATH DEFAULTS
2064	dnl
2065
2066	if test "x${ac_prefix_set}" = xyes
2067	then
2068	if test "x${exec_prefix}" = xNONE
2069	then
2070	exec_prefix="${prefix}"
2071	fi
2072
2073	if test "x${prefix}" = xOPT
2074	then
2075	tmp_sbindir="/opt/${install_name}/bin"
2076	tmp_sysconfdir="/etc/opt"
2077	tmp_mandir="/opt/${install_name}/man"
2078	tmp_localstatedir="/var/opt/${install_name}"
2079	elif test "x${prefix}" = xUSR
2080	then
2081	tmp_sbindir="/usr/sbin"
2082	tmp_sysconfdir="/etc"
2083	tmp_mandir="/usr/share/man"
2084	tmp_localstatedir="/var"
2085	else
2086	tmp_sbindir=`eval echo ${sbindir}`
2087	tmp_sysconfdir=`eval echo ${sysconfdir}`
2088	tmp_mandir=`eval echo ${mandir}`
2089	tmp_localstatedir=`eval echo ${localstatedir}`
2090	fi
2091	else
2092	prefix=""
2093	if test "x${ac_exec_prefix_set}" = xyes
2094	then
2095	tmp_sbindir=`eval echo ${sbindir}`
2096	else
2097	tmp_sbindir="/usr/local/sbin"
2098	fi
2099	tmp_sysconfdir="/etc"
2100	# share/man -> man (FHS) 11.10.2002
2101	tmp_mandir="/usr/local/man"
2102	tmp_localstatedir="/var"
2103	fi
2104
2105
2106	if test "x${ac_sbindir_set}" = xyes
2107	then
2108	:
2109	else
2110	sbindir=`eval echo ${tmp_sbindir}`
2111	fi
2112
2113
2114	if test "x${ac_sysconfdir_set}" = xyes
2115	then
2116	:
2117	else
2118	sysconfdir=`eval echo ${tmp_sysconfdir}`
2119	fi
2120
2121	if test "x${ac_mandir_set}" = xyes
2122	then
2123	:
2124	else
2125	mandir=`eval echo ${tmp_mandir}`
2126	fi
2127
2128	if test "x${ac_localstatedir_set}" = xyes
2129	then
2130	:
2131	else
2132	localstatedir=`eval echo ${tmp_localstatedir}`
2133	fi
2134
2135
2136
2137	AC_ARG_WITH(config-file,
2138	[ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2139	[
2140	myconffile="${withval}"
2141	changequote(<<, >>)dnl
2142	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2143	sysconfdir=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2144	myrpmconffile="${tmp}"
2145	changequote([, ])dnl
2146	],
2147	[
2148	myconffile="${sysconfdir}/${install_name}rc"
2149	myrpmconffile="${myconffile}"
2150	]
2151	)
2152	AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2153	AC_SUBST(myconffile)
2154	AC_SUBST(myrpmconffile)
2155
2156	AC_ARG_WITH(log-file,
2157	[ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2158	[
2159	mylogfile="$withval"
2160	changequote(<<, >>)dnl
2161	mylogdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2162	changequote([, ])dnl
2163	],
2164	[
2165	if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2166	mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2167	mylogdir="${localstatedir}/log/${install_name}"
2168	else
2169	mylogfile="${localstatedir}/log/${install_name}_log"
2170	mylogdir="${localstatedir}/log"
2171	fi
2172	]
2173	)
2174	AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2175	AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2176	AC_SUBST(mylogfile)
2177	AC_SUBST(mylogdir)
2178
2179	AC_ARG_WITH(pid-file,
2180	[ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2181	[
2182	mylockfile="$withval"
2183	changequote(<<, >>)dnl
2184	mylockdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2185	changequote([, ])dnl
2186	],
2187	[
2188	mylockfile="${localstatedir}/run/${install_name}.pid"
2189	mylockdir="${localstatedir}/run"
2190	]
2191	)
2192	AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2193	AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2194	AC_SUBST(mylockfile)
2195	AC_SUBST(mylockdir)
2196
2197	AC_ARG_WITH(state-dir,
2198	[ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2199	[
2200	mydataroot="$withval"
2201	],
2202	[
2203	mydataroot="${localstatedir}/lib/${install_name}"
2204	]
2205	)
2206	AC_ARG_WITH(data-file,
2207	[ --with-data-file=FILE set path of data file],
2208	[
2209	mydatafile="$withval"
2210	changequote(<<, >>)dnl
2211	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2212	mydataroot=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2213	myrpmdatafile="${tmp}"
2214	changequote([, ])dnl
2215	if test x"${tmp}" = x
2216	then
2217	echo "No local path in data file ${withval}"
2218	echo "This will not work for initializing the database."
2219	if test x"${withval}" = xREQ_FROM_SERVER
2220	then
2221	echo "It should be REQ_FROM_SERVER/some/local/path"
2222	fi
2223	AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2224	fi
2225	],
2226	[
2227	mydatafile="${mydataroot}/${install_name}_file"
2228	myrpmdatafile="${mydatafile}"
2229	])
2230	AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2231	AC_SUBST(mydatafile)
2232	AC_SUBST(myrpmdatafile)
2233
2234	AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2235	AC_SUBST(mydataroot)
2236
2237	AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2238	AC_SUBST(myqdir)
2239
2240
2241	AC_ARG_WITH(html-file,
2242	[ --with-html-file=FILE set path of html file,],
2243	[
2244	myhtmlfile="$withval"
2245	],
2246	[
2247	myhtmlfile="${mylogdir}/${install_name}.html"
2248	])
2249	AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2250	AC_SUBST(myhtmlfile)
2251
2252
2253	mydefargs=$ac_configure_args
2254	# if test -z "`echo "$mydefargs" \| grep "\-\-enable\-static" 2> /dev/null`"
2255	# then
2256	# mydefargs="--enable-static $mydefargs"
2257	# fi
2258	if test -z "`echo "$mydefargs" \| grep "\-\-enable\-base" 2> /dev/null`"
2259	then
2260	mydefargs="--enable-base=${mykeybase} $mydefargs"
2261	fi
2262	AC_SUBST(mydefargs)
2263
2264
2265	AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2266	AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2267	AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2268
2269	AC_CONFIG_HEADER(config.h)
2270
2271	AC_OUTPUT(
2272	[
2273	Makefile
2274	samhain-install.sh
2275	init/samhain.startLSB
2276	init/samhain.startLinux
2277	init/samhain.startGentoo
2278	init/samhain.startFreeBSD
2279	init/samhain.startSolaris
2280	init/samhain.startHPUX
2281	init/samhain.startIRIX
2282	samhain.spec
2283	rules.deb
2284	rules.deb-light
2285	hp_ux.psf
2286	scripts/samhain.spec
2287	scripts/redhat_i386.client.spec
2288	scripts/samhain.ebuild
2289	scripts/samhain.ebuild-light
2290	scripts/samhainadmin.pl
2291	scripts/check_samhain.pl
2292	deploy.sh
2293	],
2294	[
2295	echo timestamp > stamp-h
2296	chmod +x samhain-install.sh
2297	chmod +x scripts/samhainadmin.pl
2298	chmod +x scripts/check_samhain.pl
2299	]
2300	)
2301
2302	chmod +x deploy.sh
2303
2304	if test "x${cross_compiling}" = xyes
2305	then
2306
2307	echo "--------------------------------------------------------------"
2308	echo
2309	echo "You are using a cross-compiler. The following system dependent"
2310	echo "values may have been set to default values that may be"
2311	echo "incorrect for your target system: "
2312	echo
2313	echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2314	echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2315	echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2316	echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2317	echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2318	echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2319	echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2320	echo
2321	echo "If these values are incorrect, change them in the file "
2322	echo "config.cache and run configure again."
2323	echo
2324	echo "--------------------------------------------------------------"
2325
2326	fi
2327
2328	if test x${silent} != xyes
2329	then
2330
2331	# A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2332	# B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2333	# C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2334	# D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2335	# E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2336	# F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2337
2338	echo
2339	echo " samhain has been configured as follows:"
2340	echo " System binaries: ${sbindir}"
2341	echo " Configuration file: ${myconffile}"
2342	echo " Manual pages: ${mandir}"
2343	echo " Data: ${mydataroot}"
2344	echo " PID file: ${mylockfile}"
2345	echo " Log file: ${mylogfile}"
2346	echo " Base key: ${mykeybase}"
2347	echo
2348	if test x"$mytclient" = x"-DSH_WITH_SERVER"
2349	then
2350	echo " Selected rc file: yulerc"
2351	else
2352	echo " Selected rc file: samhainrc.${selectconfig}"
2353	fi
2354
2355	fi
2356

Note: See TracBrowser for help on using the repository browser.

Download in other formats: