source: trunk/configure.ac@ 6

Last change on this file since 6 was 5, checked in by rainer, 19 years ago

Fixed a stupid bug in sh_files.c; released as 2.1.1a

File size: 64.1 KB
Line 
1dnl We want to override the standard AC_INIT_PARSE_ARGS,
2dnl which requires replacing AC_INIT() with its expanded
3dnl content.
4dnl
5dnl include own macros
6dnl
7sinclude(acsite.m4)dnl
8sinclude(./aclocal.m4)dnl
9
10dnl
11dnl AC_INIT(samhain.c)
12dnl
13# Forbidden tokens and exceptions.
14m4_pattern_forbid([^_?A[CHUM]_])
15m4_pattern_forbid([_AC_])
16m4_pattern_forbid([^LIBOBJS$],
17 [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs. LIBOBJS'])
18# Actually reserved by M4sh.
19m4_pattern_allow([^AS_FLAGS$])
20AS_INIT
21dnl m4_ifval([$2], [_AC_INIT_PACKAGE($@)])
22_AC_INIT_DEFAULTS
23SH_INIT_PARSE_ARGS
24_AC_INIT_SRCDIR
25SH_INIT_HELP
26_AC_INIT_VERSION
27_AC_INIT_CONFIG_LOG
28_AC_INIT_PREPARE
29_AC_INIT_NOTICE
30_AC_INIT_COPYRIGHT
31m4_ifval([$2], , [m4_ifval([$1], [AC_CONFIG_SRCDIR([$1])])])dnl
32
33AC_ARG_VAR([LIBS],
34 [libraries to link against, e.g. -lintl])
35
36dnl
37dnl start
38dnl
39AM_INIT_AUTOMAKE(samhain, 2.1.1a)
40AC_CANONICAL_HOST
41
42dnl
43dnl checks for programs
44dnl
45
46AC_PROG_CC
47AC_PROG_CPP
48AC_PROG_INSTALL
49AC_PROG_LN_S
50AC_PROG_AWK
51AC_PATH_PROG(cmd_hostname,hostname)
52AC_SUBST(cmd_hostname)
53
54GCC_STACK_PROTECT_CC
55
56AC_HEADER_STDC
57dnl
58dnl first one is a dummy because of an autoconf bug
59dnl (no HAVE_... for first one)
60dnl
61AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
62
63
64AC_MSG_CHECKING([for host-specific issues])
65mydebugflag=no
66myneedg3=no
67uid_cast="signed long"
68selectconfig=linux
69mynetbsd=no
70sh_use_lcaps="undef"
71
72case "$host_os" in
73
74 *linux*)
75 sh_use_lcaps="yes"
76 AC_DEFINE(HOST_IS_LINUX)
77 AC_DEFINE(HAVE_EXT2_IOCTLS)
78 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
79 case "$host_cpu" in
80 i*86*)
81 AC_DEFINE(HOST_IS_I86LINUX)
82 ;;
83 *)
84 ;;
85 esac
86 ;;
87
88 *osf*)
89 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
90 if test "x$GCC" != "xyes"; then
91 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
92 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
93 myneedg3=yes
94 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
95 else
96 AC_MSG_RESULT(none)
97 fi
98 ;;
99
100 *cygwin*)
101 AC_DEFINE(HOST_IS_CYGWIN)
102 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
103 ;;
104
105 *darwin*)
106 AC_DEFINE(HOST_IS_DARWIN)
107 AC_MSG_RESULT(DARWIN check resource forks)
108 ;;
109
110 *freebsd*)
111 AC_DEFINE(HOST_IS_FREEBSD)
112 selectconfig=freebsd
113 AC_MSG_RESULT(none)
114 ;;
115
116 *openbsd*)
117 selectconfig=freebsd
118 AC_MSG_RESULT(none)
119 ;;
120
121 *netbsd*)
122 mynetbsd=yes
123 AC_MSG_RESULT(NETBSD bug with libresolve)
124 ;;
125
126 *solaris*)
127 selectconfig=solaris
128 AC_DEFINE(HOST_IS_SOLARIS)
129 case "$host_cpu" in
130 i*86)
131 AC_DEFINE(HOST_IS_I86SOLARIS)
132 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
133 ;;
134 *)
135 AC_MSG_RESULT(none)
136 ;;
137 esac
138 if test "x$GCC" != "xyes"; then
139 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
140 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
141 fi
142 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
143 CFLAGS="$CFLAGS -xO2"
144 fi
145 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
146 CFLAGS="$CFLAGS -Xa"
147 fi
148 LIBS="-lc $LIBS"
149 fi
150 ;;
151
152
153 *sun*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 AC_MSG_RESULT(none)
157 ;;
158
159 *aix*)
160 AC_DEFINE(HOST_IS_AIX)
161 selectconfig=aix5.2.0
162 uid_cast="unsigned long"
163 if test "x$GCC" != "xyes"; then
164 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
165 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
166 fi
167 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
168 CFLAGS="$CFLAGS -O3"
169 fi
170 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
171 CFLAGS="$CFLAGS -qstrict"
172 fi
173 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
174 else
175 AC_MSG_RESULT(AIX size_t in the accept call)
176 fi
177 ;;
178
179 *hpux*)
180 AC_MSG_RESULT(HPUX has not always h_errno defined)
181 AC_DEFINE(HOST_IS_HPUX)
182 if test "x$GCC" != "xyes"; then
183 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
184 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
185 fi
186 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
187 CFLAGS="$CFLAGS -fast"
188 fi
189 fi
190 ;;
191
192 *ultrix*)
193 AC_MSG_RESULT(ULTRIX getcwd uses popen)
194 AC_DEFINE(HAVE_BROKEN_GETCWD)
195 ;;
196
197 *)
198 AC_MSG_RESULT(none)
199 ;;
200esac
201
202AC_SUBST(selectconfig)
203AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
204
205
206dnl *****************************************
207dnl
208dnl checks for header files
209dnl
210dnl *****************************************
211
212AC_HEADER_DIRENT
213AC_HEADER_MAJOR
214AC_HEADER_TIME
215dnl used in minilzo.c
216AC_HEADER_STAT
217AC_DECL_SYS_SIGLIST
218
219AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
220 sys/vfs.h \
221 sys/select.h sys/socket.h netinet/in.h \
222 regex.h glob.h \
223 linux/ext2_fs.h ext2fs/ext2_fs.h \
224 paths.h arpa/nameser.h arpa/nameser_compat.h,
225 [],
226 [],
227 [#include <sys/types.h>]
228)
229
230
231AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
232if test "x$sh_utmpx" = "xyes"; then
233 if cat "/usr/include/utmpx.h" 2>&5 |
234 egrep "WTMPX_FILE" >/dev/null 2>&1; then
235 AC_DEFINE(HAVE_UTMPX_H)
236 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
237 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
238 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
239 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
240 else
241 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
242 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
243 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
244 fi
245else
246 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
248fi
249
250dnl need to check because AIX 4.2 does not have it
251dnl
252AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
253#ifdef HAVE_SYS_TYPES_H
254#include <sys/types.h>
255#endif
256#ifdef HAVE_SYS_STAT_H
257#include <sys/stat.h>
258#endif
259#ifdef HAVE_SYS_VFS_H
260#include <sys/vfs.h>
261#endif
262#ifdef HAVE_UNISTD_H
263#include <unistd.h>
264#endif
265])
266
267AC_SYS_LARGEFILE
268
269dnl
270dnl check whether _POSIX_SOURCE is required
271dnl
272SAMHAIN_POSIX
273
274
275dnl *****************************************
276dnl
277dnl Checks for library functions.
278dnl
279dnl *****************************************
280AC_FUNC_STRFTIME
281AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
282 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
283 seteuid setreuid setresuid lstat getwd getcwd ptrace \
284 usleep setpriority getpeereid nanosleep \
285 strptime basename sched_yield \
286 inet_aton gethostbyname setutent setrlimit gethostname uname \
287 initgroups getpagesize \
288 ttyname fchmod
289)
290AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
291SL_CHECK_VA_COPY
292AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
293AC_CHECK_MLOCK
294
295AC_MSG_CHECKING(how to get filesystem type)
296fstype=no
297# The order of these tests is important.
298AC_TRY_CPP([#include <sys/statvfs.h>
299#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
300if test $fstype = no; then
301AC_TRY_CPP([#include <sys/statfs.h>
302#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
303fi
304if test $fstype = no; then
305AC_TRY_CPP([#include <sys/statfs.h>
306#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
307fi
308if test $fstype = no; then
309AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
310fi
311if test $fstype = no; then
312AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
313fi
314if test $fstype = no; then
315AC_TRY_CPP([#include <sys/mount.h>
316#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
317fi
318AC_MSG_RESULT($fstype)
319
320sh_libsocket=
321
322dnl Solaris needs -lsocket and -lnsl. Unisys system includes
323dnl gethostbyname in libsocket but needs libnsl for socket.
324AC_CHECK_LIB(nsl, gethostbyname)
325AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
326if test x$ac_need_libsocket = x1; then
327 LIBS="$LIBS -lsocket"
328 sh_libsocket="-lsocket"
329fi
330if test x$ac_try_nsl = x1; then
331 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
332 if test x$ac_need_libnsl = x1
333 then
334 LIBS="$LIBS -lnsl"
335 fi
336fi
337AC_SUBST(sh_libsocket)
338
339AC_CHECK_LIB(socket, res_search, [
340 AC_CHECK_LIB(resolv, dn_skipname)
341 AC_CHECK_LIB(resolv, __dn_skipname)
342 if test x$ac_need_libsocket = x1; then
343 :
344 else
345 LIBS="$LIBS -lsocket"
346 fi
347 ], [
348 AC_CHECK_LIB(resolv, res_search, [
349 LIBS="$LIBS -lresolv"
350 ], [
351 AC_CHECK_LIB(resolv, dn_skipname)
352 AC_CHECK_LIB(resolv, __dn_skipname)
353 ])
354 ])
355
356dnl arguments for accept
357
358dnl check for Unix98 socklen_t (found on
359dnl xemacs-patches mailing list, written
360dnl by Martin Buchholz)
361dnl
362dnl On Darwin(MacOSX) socklen_t needs to be
363dnl an int (see accept man page), on all other
364dnl unix systems we need a size_t.
365
366AC_MSG_CHECKING(for socklen_t)
367AC_TRY_COMPILE([
368#ifdef HAVE_SYS_TYPES_H
369#include <sys/types.h>
370#endif
371#ifdef HAVE_SYS_SOCKET_H
372#include <sys/socket.h>
373#endif
374 socklen_t x;
375], [],[
376 AC_MSG_RESULT(yes)
377 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
378],[
379 AC_TRY_COMPILE([
380#ifdef HAVE_SYS_TYPES_H
381#include <sys/types.h>
382#endif
383#ifdef HAVE_SYS_SOCKET_H
384#include <sys/socket.h>
385#endif
386 int accept (int, struct sockaddr *, size_t *);
387 ],[],[
388 AC_MSG_RESULT(size_t)
389 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
390 ], [
391 AC_MSG_RESULT(int)
392 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
393 ]
394 )
395])
396
397
398dnl *****************************************
399dnl checks for typedefs
400dnl *****************************************
401
402AC_C_LONG_DOUBLE
403SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
404if test "$sh_HAVE_LONG_LONG" = "yes"; then
405 AC_CHECK_SIZEOF(unsigned long long, 4)
406 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
407 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
408 fi
409fi
410
411AC_CHECK_TYPE(ptrdiff_t, long)
412AC_TYPE_SIZE_T
413AC_CHECK_SIZEOF(char *, 4)
414AC_CHECK_SIZEOF(size_t, 4)
415
416AC_CHECK_SIZEOF(unsigned long, 4)
417AC_CHECK_SIZEOF(unsigned int , 4)
418AC_CHECK_SIZEOF(unsigned short, 2)
419
420
421if test "$ac_cv_sizeof_unsigned_long" = "4"; then
422 AC_DEFINE(HAVE_LONG_32)
423fi
424if test "$ac_cv_sizeof_unsigned_long" = "8"; then
425 AC_DEFINE(HAVE_LONG_64)
426fi
427if test "$ac_cv_sizeof_unsigned_int" = "4"; then
428 AC_DEFINE(HAVE_INT_32)
429fi
430
431dnl
432dnl For Alpha
433dnl
434if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
435 AC_DEFINE(HAVE_INT_32)
436fi
437if test "$ac_cv_sizeof_unsigned_short" = "4"; then
438 AC_DEFINE(HAVE_SHORT_32)
439fi
440
441dnl *****************************************
442dnl checks for structures
443dnl *****************************************
444
445AC_STRUCT_TM
446
447dnl
448dnl from e2fsprogs
449dnl
450AC_MSG_CHECKING(whether struct stat has a st_flags field)
451AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
452 AC_TRY_COMPILE([#include <sys/stat.h>],
453 [struct stat stat; stat.st_flags = 0;],
454 [e2fsprogs_cv_struct_st_flags=yes],
455 [e2fsprogs_cv_struct_st_flags=no]))
456AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
457if test "$e2fsprogs_cv_struct_st_flags" = yes; then
458 AC_MSG_CHECKING(whether st_flags field is useful)
459 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
460 AC_TRY_COMPILE([#include <sys/stat.h>],
461 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
462 [e2fsprogs_cv_struct_st_flags_immut=yes],
463 [e2fsprogs_cv_struct_st_flags_immut=no]))
464 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
465 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
466 AC_DEFINE(HAVE_STAT_FLAGS)
467 fi
468fi
469
470dnl
471dnl from dbus
472dnl
473AC_MSG_CHECKING(for struct cmsgcred)
474AC_TRY_COMPILE([
475#include <sys/types.h>
476#include <sys/socket.h>
477],[
478struct cmsgcred cred;
479
480cred.cmcred_pid = 0;
481],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
482AC_MSG_RESULT($sh_have_struct_cmsgcred)
483
484if test x$sh_have_struct_cmsgcred = xyes; then
485 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
486fi
487
488AC_MSG_CHECKING(for struct fcred)
489AC_TRY_COMPILE([
490#include <sys/param.h>
491#include <sys/socket.h>
492#include <sys/ucred.h>
493],[
494struct fcred sockcred;
495],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
496AC_MSG_RESULT($sh_have_struct_fcred)
497
498if test x$sh_have_struct_fcred = xyes; then
499 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
500fi
501
502AC_MSG_CHECKING(for struct sockcred)
503AC_TRY_COMPILE([
504#include <sys/param.h>
505#include <sys/socket.h>
506#include <sys/ucred.h>
507],[
508struct sockcred sockcred;
509],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
510AC_MSG_RESULT($sh_have_struct_sockcred)
511
512if test x$sh_have_struct_sockcred = xyes; then
513 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
514fi
515
516AC_MSG_CHECKING(for SO_PEERCRED)
517AC_TRY_COMPILE([
518#include <sys/types.h>
519#include <sys/socket.h>
520],[
521int test = SO_PEERCRED;
522],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
523AC_MSG_RESULT($sh_have_SO_PEERCRED)
524
525if test x$sh_have_SO_PEERCRED = xyes; then
526 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
527fi
528
529
530dnl *****************************************
531dnl checks for compiler characteristics
532dnl *****************************************
533AC_C_INLINE
534AC_C_CONST
535AC_C_BIGENDIAN
536
537AM_SA_SIGACTION_WORKS
538
539dnl *****************************************
540dnl
541dnl checks for system services
542dnl
543dnl *****************************************
544
545dnl
546dnl check for GNU gmp
547dnl
548AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
549if test "x${sh_have_gmp}" = xno
550then
551 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
552fi
553if test "x${sh_have_gmp}" = xyes
554then
555 # LIBS="-lgmp $LIBS"
556 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
557fi
558AC_CHECK_HEADERS(gmp.h)
559
560
561dnl *****************************************
562dnl
563dnl enable features
564dnl
565dnl *****************************************
566
567AC_ARG_ENABLE(db-reload,
568 [ --enable-db-reload enable database reload on SIGHUP [no]],
569 [
570 if test "x${enable_db_reload}" = xyes; then
571 AC_DEFINE(RELOAD_DATABASE)
572 fi
573 ]
574)
575
576AC_ARG_ENABLE(xml-log,
577 [ --enable-xml-log enable XML logfile format [[no]]],
578 [
579 if test "x${enable_xml_log}" = xyes; then
580 AC_DEFINE(SH_USE_XML)
581 fi
582 ]
583)
584
585
586AC_ARG_ENABLE(mail,
587 [ --disable-mail disable the internal SMTP mailer],
588 [
589 if test "x${enable_mail}" = xno; then
590 :
591 else
592 AC_DEFINE(SH_WITH_MAIL)
593 fi
594 ],
595 [AC_DEFINE(SH_WITH_MAIL)]
596)
597
598AC_ARG_ENABLE(external-scripts,
599 [ --disable-external-scripts disable interface to external scripts],
600 [
601 if test "x${enableval}" = xno; then
602 :
603 else
604 AC_DEFINE(WITH_EXTERNAL)
605 fi
606 ],
607 [AC_DEFINE(WITH_EXTERNAL)]
608)
609
610AC_ARG_ENABLE(message-queue,
611 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
612 [
613 if test "x${enable_message_queue}" = xyes; then
614 AC_DEFINE(WITH_MESSAGE_QUEUE)
615 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
616 elif test "x${enable_message_queue}" != xno; then
617 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
618 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
619 echo "${enableval}" | \
620 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
621 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
622 AC_DEFINE(WITH_MESSAGE_QUEUE)
623 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
624 fi
625 ]
626)
627
628AC_ARG_WITH(cflags,
629 [ --with-cflags additional flags to pass to compiler],
630 [
631 if test "x$withval" != "xno" ; then
632 CFLAGS="$CFLAGS $withval"
633 fi
634 ]
635)
636AC_ARG_WITH(libs,
637 [ --with-libs additional libraries to link with],
638 [
639 if test "x$withval" != "xno" ; then
640 LIBS="$LIBS $withval"
641 fi
642 ]
643)
644
645
646#
647# this is from ssh
648#
649AC_MSG_CHECKING(whether to use libwrap)
650LIBWRAP_LIB=""
651LIBWRAP_INC=""
652AC_ARG_WITH(libwrap,
653[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
654[ AC_MSG_RESULT($withval)
655 case "$withval" in
656 no)
657 ;;
658 ""|yes)
659 LIBWRAP_LIB="-lwrap"
660 ;;
661 *)
662 if test -d "$withval"; then
663 LIBWRAP_LIB="-L$withval -lwrap"
664 changequote(<<, >>)dnl
665 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
666 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
667 changequote([, ])dnl
668 else
669 LIBWRAP_LIB="-lwrap"
670 changequote(<<, >>)dnl
671 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
672 LIBWRAP_INC="-I${sh_libwrap_inc}"
673 changequote([, ])dnl
674 fi
675 ;;
676 esac
677 if test -n "$LIBWRAP_LIB"; then
678 # OLDLIBS="$LIBS"
679 LIBS="$LIBWRAP_LIB $LIBS"
680 # OLDCFLAGS="$CFLAGS"
681 CFLAGS="$CFLAGS $LIBWRAP_INC"
682 AC_CHECK_HEADER(tcpd.h,
683 [],
684 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
685 AC_TRY_LINK([ #include <tcpd.h>
686 int allow_severity; int deny_severity; ],
687 [ hosts_access((struct request_info *) 0); ],
688 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
689 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
690 fi ],
691 AC_MSG_RESULT(no)
692)
693
694
695#
696# this is from the snort configure.in
697#
698AC_DEFUN(FAIL_MESSAGE,[
699 echo
700 echo
701 echo "**********************************************"
702 echo " ERROR: unable to find" $1
703 echo " checked in the following places"
704 for i in `echo $2`; do
705 echo " $i"
706 done
707 echo "**********************************************"
708 echo
709 exit
710])
711
712AC_ARG_WITH(libprelude-prefix,
713 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
714 libprelude_config_prefix="$withval", libprelude_config_prefix="")
715
716AC_MSG_CHECKING(whether to use prelude)
717AC_ARG_WITH(prelude,
718 [ --with-prelude Prelude IDS support [[no]]],
719 [
720 if test "x${withval}" = "xno"; then
721 AC_MSG_RESULT(no)
722 else
723 AC_MSG_RESULT(yes)
724 if test x$libprelude_config_prefix != x ; then
725 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
726 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
727 fi
728 fi
729
730 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
731 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
732 HAVE_PRELUDE_CONFIG=no
733 else
734 HAVE_PRELUDE_CONFIG=yes
735 fi
736dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
737 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
738 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
739 case "$sh_libprelude_version" in
740 0.8*)
741 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
742 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
743 LIBS="$LIBS ${sh_prelude_libs}"
744 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
745 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
746 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
747 ;;
748 *)
749 AM_PATH_LIBPRELUDE([0.9.0],
750 [
751 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
752 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
753 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
754 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
755 LIBS="$LIBS $LIBPRELUDE_LIBS"
756 ],
757 [
758 AC_MSG_ERROR([Could not find libprelude.])
759 ])
760 ;;
761 esac
762 else
763 AC_MSG_ERROR([Could not find libprelude.])
764 fi
765 fi
766 ],
767 [
768 AC_MSG_RESULT(no)
769 ]
770)
771
772dnl AC_MSG_CHECKING(whether to use prelude)
773dnl AC_ARG_WITH(prelude,
774dnl [ --with-prelude Prelude IDS support [[no]]],
775dnl [
776dnl if test "x${withval}" = "xno"; then
777dnl AC_MSG_RESULT(no)
778dnl else
779dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
780dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
781dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
782dnl sh_prelude_cflags=`libprelude-config --cflags`
783dnl LIBS="$LIBS ${sh_prelude_libs}"
784dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
785dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
786dnl else
787dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
788dnl fi
789dnl fi
790dnl ],
791dnl AC_MSG_RESULT(no)
792dnl )
793
794AC_ARG_ENABLE(static,
795 [ --enable-static enable static linking (recommended) [[no]]],
796 [
797 if test x$enable_static = xyes; then
798 if test x"$mynetbsd" = xyes
799 then
800 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
801 LIBS="${tmp_LIBS}"
802 fi
803 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
804 if test "x$GCC" = "xyes"; then
805 LDFLAGS="$LDFLAGS -static"
806 else
807 case "$host_os" in
808
809 *aix*)
810 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
811 ;;
812
813 *hpux*)
814 LDFLAGS="$LDFLAGS -Wl,-a,archive"
815 ;;
816
817 *osf*)
818 LDFLAGS="$LDFLAGS -non_shared"
819 ;;
820
821 *irix*)
822 LDFLAGS="$LDFLAGS -non_shared"
823 ;;
824
825 *sco*)
826 LDFLAGS="$LDFLAGS -dn"
827 ;;
828
829 *sun*)
830 LDFLAGS="$LDFLAGS -Bstatic"
831 ;;
832
833 *solaris*)
834 LDFLAGS="$LDFLAGS -Bstatic"
835 ;;
836
837 *)
838 echo "***********************************************"
839 echo "*"
840 echo "* Don't know how to enable static linking"
841 echo "* with your compiler. Please set the environment"
842 echo "* variable LDFLAGS to:"
843 echo "* ${LDFLAGS} + the static linking flag"
844 echo "* and run configure again"
845 echo "*"
846 echo "***********************************************"
847 ;;
848
849 esac
850 fi
851 fi
852 ]
853)
854
855#
856# partly based on the snort configure.in
857#
858AC_ARG_WITH(database,
859 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
860 [
861 if test x"$enable_xml_log" != xyes; then
862 AC_MSG_ERROR([--with-database: --enable-xml-log required])
863 fi
864 if test "x${withval}" = "xmysql"; then
865 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
866 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
867 echo "mysql_config found"
868 sh_mysql_libs="`mysql_config --libs`"
869 # echo ${sh_mysql_libs}
870 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
871 # echo $mysql_libs
872 # save_libs="$LIBS"
873 # LIBS="$LIBS `mysql_config --libs`"
874 # echo $LIBS
875 LIBS="$LIBS ${sh_mysql_libs}"
876 echo $LIBS
877 sh_mysql_cflags="`mysql_config --cflags`"
878 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
879 # CFLAGS="$CFLAGS `mysql_config --cflags`"
880 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
881 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
882 else
883 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
884 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
885
886 for i in $mysql_directory; do
887 if test -r $i/include/mysql/mysql.h; then
888 MYSQL_DIR=$i
889 MYSQL_INC_DIR=$i/include
890 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
891 fi
892 done
893 if test -z "$MYSQL_DIR"; then
894 for i in $mysql_directory; do
895 if test -r $i/include/mysql.h; then
896 MYSQL_DIR=$i
897 MYSQL_INC_DIR=$i/include
898 fi
899 done
900 fi
901
902 if test -z "$MYSQL_DIR"; then
903 tmp=""
904 for i in $mysql_directory; do
905 tmp="$tmp $i/include $i/include/mysql"
906 done
907 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
908 fi
909
910 for i in lib lib/mysql; do
911 str="$MYSQL_DIR/$i/libmysqlclient.*"
912 for j in `echo $str`; do
913 if test -r $j; then
914 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
915 break 2
916 fi
917 done
918 done
919
920 if test -z "$MYSQL_LIB_DIR"; then
921 for ff in $mysql_directory; do
922 for i in lib lib/mysql; do
923 str="$ff/$i/libmysqlclient.*"
924 for j in `echo $str`; do
925 if test -r $j; then
926 MYSQL_LIB_DIR="$ff/$i"
927 break 3
928 fi
929 done
930 done
931 done
932 fi
933
934 if test -z "$MYSQL_LIB_DIR"; then
935 tmp=""
936 for i in $mysql_directory; do
937 tmp="$i/lib $i/lib/mysql"
938 done
939 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
940 fi
941
942 AC_MSG_RESULT(yes)
943 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
944 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
945 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
946 fi
947 AC_DEFINE(WITH_MYSQL)
948 AC_DEFINE(WITH_DATABASE)
949 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
950 AC_MSG_CHECKING(for zlib)
951 if test "$zlib_cv_libz" = "yes"
952 then
953 LIBS="$LIBS -lz -lm"
954 AC_MSG_RESULT(ok)
955 else
956 AC_MSG_RESULT(failed)
957 echo
958 echo " Either the mysql or the zlib library was not found"
959 echo " or was unusable, maybe because an old, incompatible"
960 echo " version is installed on your system, eg compiled from"
961 echo " source long time ago. See config.log for the error"
962 echo " message from the compiler."
963 echo " Please review your installed mysql and zlib libraries"
964 echo " and/or use --with-libs=-L/path/to/libdirectory"
965 echo " where libdirectory is the directory holding libmysql"
966 echo " or libz."
967 if test x"$enable_static" = xyes; then
968 echo " Note that for compiling a static binary, you need"
969 echo " the static libraries, rather than the shared ones."
970 fi
971 echo
972 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
973 fi
974 AC_CHECK_HEADERS(mysql/mysql.h)
975 elif test "x${withval}" = "xpostgresql"; then
976 AC_DEFINE(WITH_POSTGRES)
977 AC_DEFINE(WITH_DATABASE)
978 #
979 PGCONF="no"
980 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
981 OLD_IFS="$IFS"
982 IFS=":"
983 for ff in ${MY_PATH}
984 do
985 if test -f "$ff/pg_config"
986 then
987 PGCONF="$ff/pg_config"
988 fi
989 done
990 IFS="${OLD_IFS}"
991 #
992 #
993 if test "x${PGCONF}" = "xno"
994 then
995 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
996 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
997 for i in $pgsql_directory; do
998 if test -r $i/include/pgsql/libpq-fe.h; then
999 PGSQL_INC_DIR=$i/include
1000 PGSQL_DIR=$i
1001 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1002 fi
1003 done
1004 if test -z "$PGSQL_DIR"; then
1005 for i in $pgsql_directory; do
1006 if test -r $i/include/libpq-fe.h; then
1007 PGSQL_INC_DIR=$i/include
1008 PGSQL_DIR=$i
1009 fi
1010 done
1011 fi
1012
1013 if test -z "$PGSQL_DIR"; then
1014 tmp=""
1015 for i in $pgsql_directory; do
1016 tmp="$tmp $i/include $i/include/pgsql"
1017 done
1018 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1019 fi
1020
1021 for i in lib lib/pgsql; do
1022 str="$PGSQL_DIR/$i/libpq.*"
1023 for j in `echo $str`; do
1024 if test -r $j; then
1025 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1026 break 2
1027 fi
1028 done
1029 done
1030
1031 if test -z "$PGSQL_LIB_DIR"; then
1032 for ff in $pgsql_directory; do
1033 for i in lib lib/pgsql; do
1034 str="$ff/$i/libpq.*"
1035 for j in `echo $str`; do
1036 if test -r $j; then
1037 PGSQL_LIB_DIR="$ff/$i"
1038 break 3
1039 fi
1040 done
1041 done
1042 done
1043 fi
1044
1045 if test -z "$PGSQL_LIB_DIR"; then
1046 tmp=""
1047 for i in $pgsql_directory; do
1048 tmp="$i/lib $i/lib/pgsql"
1049 done
1050 FAIL_MESSAGE("postgresql library libpq", $tmp)
1051 fi
1052
1053 AC_MSG_RESULT(yes)
1054
1055 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1056 if test x"$enable_static" = xyes; then
1057 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1058 else
1059 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1060 fi
1061 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1062 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1063 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1064 else
1065 pg_lib_dir=`${PGCONF} --libdir`
1066 if test x"$enable_static" = xyes; then
1067 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1068 else
1069 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1070 fi
1071 pg_inc_dir=`${PGCONF} --includedir`
1072 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1073 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1074 fi
1075 elif test "x${withval}" = "xodbc"; then
1076 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1077 odbc_directory="/usr /usr/local"
1078
1079 for i in $odbc_directory; do
1080 if test -r $i/include/sql.h; then
1081 if test -r $i/include/sqlext.h; then
1082 if test -r $i/include/sqltypes.h; then
1083 ODBC_DIR=$i
1084 ODBC_INC_DIR=$i/include
1085 fi
1086 fi
1087 fi
1088 done
1089
1090 if test -z "$ODBC_DIR"; then
1091 tmp=""
1092 for i in $odbc_directory; do
1093 tmp="$tmp $i/include"
1094 done
1095 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1096 fi
1097
1098 str="$ODBC_DIR/lib/libodbc.*"
1099 for j in `echo $str`; do
1100 if test -r $j; then
1101 ODBC_LIB_DIR="$ODBC_DIR/lib"
1102 ODBC_LIB="odbc"
1103 fi
1104 done
1105
1106 if test -z "$ODBC_LIB_DIR"; then
1107 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1108 fi
1109
1110 AC_MSG_RESULT(yes)
1111 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1112 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1113 AC_DEFINE(WITH_ODBC)
1114 AC_DEFINE(WITH_DATABASE)
1115
1116 elif test "x${withval}" = "xoracle"; then
1117 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1118 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1119 for i in $oracle_directory; do
1120 if test -r $i/rdbms/demo/oci.h; then
1121 ORACLE_DIR=$i
1122 fi
1123 done
1124
1125 if test -z "$ORACLE_DIR"; then
1126 tmp=""
1127 for i in $oracle_directory; do
1128 tmp="$tmp $i/rdbms/demo"
1129 done
1130 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1131 else
1132 for i in rdbms/demo rdbms/public network/public; do
1133 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1134 done
1135 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1136 AC_MSG_RESULT(yes)
1137
1138 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1139
1140 ORACLE_LIBS="-lclntsh"
1141 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1142 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1143 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1144 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1145 fi
1146 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1147 fi
1148 AC_DEFINE(WITH_ORACLE)
1149 AC_DEFINE(WITH_DATABASE)
1150
1151 else
1152 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1153 fi
1154 ]
1155)
1156
1157AC_ARG_WITH(console,
1158 [ --with-console=PATH set path to console device [[/dev/console]]],
1159 [
1160 if test "x${withval}" != xno; then
1161 mycons="$withval"
1162 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1163 fi
1164 ])
1165
1166AC_ARG_WITH(altconsole,
1167 [ --with-altconsole=PATH set path to second console device [[none]]],
1168 [
1169 if test "x${withval}" != xno; then
1170 myaltcons="$withval"
1171 else
1172 myaltcons="NULL"
1173 fi
1174 ],
1175 [myaltcons="NULL"])
1176AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1177
1178AC_ARG_WITH(timeserver,
1179 [ --with-timeserver=HOST set host address for time server [[none]]],
1180 [
1181 if test "x${withval}" != xno; then
1182 mytimeserv="$withval"
1183 AC_DEFINE(HAVE_NTIME)
1184 else
1185 mytimeserv="NULL"
1186 fi
1187 ],
1188 mytimeserv="NULL")
1189AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1190
1191AC_ARG_WITH(alttimeserver,
1192 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1193 [
1194 if test "x${withval}" != xno; then
1195 myalttimeserv="$withval"
1196 AC_DEFINE(HAVE_NTIME)
1197 else
1198 myalttimeserv="NULL"
1199 fi
1200 ],
1201 myalttimeserv="NULL")
1202AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1203
1204AC_ARG_ENABLE(login-watch,
1205 [ --enable-login-watch watch for login/logout [[no]]],
1206 [
1207 if test "x${enable_login_watch}" = xyes; then
1208 AC_DEFINE(SH_USE_UTMP)
1209 fi
1210 ]
1211)
1212
1213AC_ARG_ENABLE(mounts-check,
1214 [ --enable-mounts-check check mount options on filesystems [[no]]],
1215 [
1216 if test "x${enable_mounts_check}" = xyes; then
1217 AC_DEFINE(SH_USE_MOUNTS)
1218 fi
1219 ]
1220)
1221
1222AC_ARG_ENABLE(userfiles,
1223 [ --enable-userfiles check for users' config files [[no]]],
1224 [
1225 if test "x${enableval}" = "xyes"; then
1226 AC_DEFINE(SH_USE_USERFILES)
1227 fi
1228 ]
1229)
1230
1231AC_ARG_ENABLE(debug,
1232 [ --enable-debug enable debug options [[no]]],
1233 [
1234 if test "x${enable_debug}" = "xyes"; then
1235 if test "x${mydebugflag}" != "xyes"; then
1236 AC_DEFINE(MEM_DEBUG)
1237 fi
1238 AC_DEFINE(WITH_TPT)
1239 AC_DEFINE(SL_DEBUG)
1240 AC_DEFINE(SL_FAIL_ON_ERROR)
1241 if test "x${myneedg3}" = "xyes"; then
1242 mydebugdef="-g3"
1243 else
1244 mydebugdef="-g"
1245 fi
1246 mydebugit="yes"
1247 fi
1248 ]
1249)
1250AC_SUBST(mydebugdef)
1251
1252AC_ARG_ENABLE(ptrace,
1253 [ --enable-ptrace use anti-debugger options [[no]]],
1254 [
1255 if test "x${enable_ptrace}" = xyes; then
1256 if test "x$mydebugit" != "xyes"; then
1257 AC_DEFINE(SCREW_IT_UP)
1258 fi
1259 fi
1260 ]
1261)
1262
1263dnl
1264if test "x$GCC" = "xyes"; then
1265 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1266 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1267 fi
1268
1269dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1270dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1271dnl fi
1272
1273 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1274 CFLAGS="$CFLAGS -Wall -W "
1275 fi
1276
1277 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1278 then
1279 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1280 then
1281 CFLAGS="$CFLAGS -fno-strength-reduce"
1282 fi
1283 fi
1284
1285 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1286 then
1287 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1288 then
1289 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1290 fi
1291 fi
1292
1293fi
1294
1295AC_MSG_CHECKING([which random module to use])
1296AC_ARG_WITH(rnd,
1297 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1298[use_static_rnd=$withval], [use_static_rnd=default] )
1299
1300if test "$use_static_rnd" = no; then
1301 use_static_rnd=default
1302fi
1303
1304case "$use_static_rnd" in
1305 egd | dev | unix | default )
1306 AC_MSG_RESULT($use_static_rnd)
1307 ;;
1308 * )
1309 AC_MSG_RESULT([invalid argument])
1310 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1311 ;;
1312esac
1313
1314AC_ARG_WITH(egd-socket,
1315 [ --with-egd-socket=NAME EGD socket name],
1316 egd_socket_name="$withval", egd_socket_name="" )
1317AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1318
1319dnl
1320dnl See whether the user wants to disable checking for /dev/random
1321
1322try_dev_random=yes
1323
1324case "$use_static_rnd" in
1325dev | default )
1326 try_dev_random=yes
1327 ;;
1328egd)
1329 AC_DEFINE(HAVE_EGD_RANDOM)
1330 try_dev_random=no
1331 ;;
1332unix)
1333 AC_DEFINE(HAVE_UNIX_RANDOM)
1334 try_dev_random=no
1335 ;;
1336esac
1337
1338
1339if test "x$try_dev_random" = "xyes"; then
1340 AC_MSG_CHECKING(whether /dev/random exists)
1341 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1342 AC_DEFINE(HAVE_URANDOM)
1343 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1344 AC_MSG_RESULT(yes)
1345 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1346 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1347 fi
1348 else
1349 if test -r "/dev/random" && test -c "/dev/random"; then
1350 AC_DEFINE(HAVE_URANDOM)
1351 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1352 AC_MSG_RESULT(yes)
1353 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1354 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1355 fi
1356 else
1357 AC_MSG_RESULT(no)
1358 AC_DEFINE(HAVE_UNIX_RANDOM)
1359 fi
1360 fi
1361fi
1362
1363
1364dnl
1365dnl NETWORK OPTIONS
1366dnl
1367
1368
1369AC_ARG_ENABLE(network,
1370 [ --enable-network=[[client|server]] compile client or server [[no]]],
1371 [
1372 if test "x$enable_network" = xclient; then
1373 mytclient="-DSH_WITH_CLIENT"
1374 yulectl_prg=
1375 setpwd_prg="samhain_setpwd"
1376 sh_main_prg="samhain"
1377 if test "x${sh_have_gmp}" = xyes
1378 then
1379 LIBS="-lgmp $LIBS"
1380 fi
1381dnl AC_CHECK_HEADER(sys/capability.h,
1382dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1383dnl [sh_use_lcaps="no"])
1384 elif test "x$enable_network" = xserver; then
1385 mytclient="-DSH_WITH_SERVER"
1386 yulectl_prg="yulectl"
1387 setpwd_prg="samhain_setpwd"
1388 sh_main_prg="yule"
1389 if test "x${sh_have_gmp}" = xyes
1390 then
1391 LIBS="-lgmp $LIBS"
1392 fi
1393 sh_use_lcaps="undef"
1394 elif test "x$enable_network" = xno; then
1395 mytclient="-DSH_STANDALONE"
1396 yulectl_prg=
1397 setpwd_prg=
1398 sh_main_prg="samhain"
1399dnl AC_CHECK_HEADER(sys/capability.h,
1400dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1401dnl [sh_use_lcaps="no"])
1402 else
1403 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1404 fi
1405 ],
1406 [
1407 mytclient="-DSH_STANDALONE"
1408 setpwd_prg=
1409 yulectl_prg=
1410 sh_main_prg="samhain"
1411dnl AC_CHECK_HEADER(sys/capability.h,
1412dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1413dnl [sh_use_lcaps="no"])
1414 ],
1415)
1416AC_SUBST(setpwd_prg)
1417AC_SUBST(yulectl_prg)
1418AC_SUBST(sh_main_prg)
1419AC_SUBST(mytclient)
1420
1421# needed for the rpm spec
1422clmytclient=`echo ${mytclient} | sed s%\-%%`
1423AC_SUBST(clmytclient)
1424
1425AC_ARG_ENABLE(udp,
1426 [ --enable-udp server can listen on port 514/udp [[no]]],
1427 [
1428 if test "x${enable_udp}" = xyes; then
1429 AC_DEFINE(INET_SYSLOG)
1430 fi
1431 ]
1432)
1433
1434myencrypt=yes
1435AC_ARG_ENABLE(encrypt,
1436 [ --disable-encrypt disable client/server encryption],
1437 [
1438 if test "x${enable_encrypt}" = xno; then
1439 myencrypt=no
1440 elif test "x${enable_encrypt}" = "x1"; then
1441 myencrypt=1
1442 fi
1443 ]
1444)
1445if test "x${myencrypt}" = "xyes"; then
1446 AC_DEFINE(SH_ENCRYPT)
1447 AC_DEFINE(SH_ENCRYPT_2)
1448elif test "x${myencrypt}" = "x1"; then
1449 AC_DEFINE(SH_ENCRYPT)
1450fi
1451
1452sh_use_srp_proto=yes
1453AC_ARG_ENABLE(srp,
1454 [ --disable-srp disable SRP for authentication],
1455 [
1456 if test "x${enable_srp}" = xno; then
1457 sh_use_srp_proto=no
1458 fi
1459 ]
1460)
1461if test "x${sh_use_srp_proto}" = xyes; then
1462 AC_DEFINE(USE_SRP_PROTOCOL)
1463fi
1464
1465AC_ARG_WITH(port,
1466 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1467 [
1468 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1469 AC_MSG_ERROR([--with-port: PORT must be numeric])
1470 myport=${withval}
1471 ],
1472 [myport="49777"])
1473AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1474AC_SUBST(myport)
1475
1476AC_ARG_WITH(logserver,
1477 [ --with-logserver=HOST set host address for log server [[none]]],
1478 [
1479 case "$withval" in
1480 *.* | localhost)
1481 mylogsrv="$withval"
1482 ;;
1483 *)
1484 mylogsrv="$withval"
1485 ;;
1486 esac
1487 ],
1488 [mylogsrv="NULL"])
1489AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1490AC_SUBST(mylogsrv)
1491
1492AC_ARG_WITH(altlogserver,
1493 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1494 [
1495 case "$withval" in
1496 *.* | localhost)
1497 myaltlogsrv="$withval"
1498 ;;
1499 *)
1500 myaltlogsrv="$withval"
1501 ;;
1502 esac
1503 ],
1504 [myaltlogsrv="NULL"])
1505AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1506
1507
1508
1509dnl
1510dnl STEALTH OPTIONS
1511dnl
1512nocl_code=
1513xor_code=0
1514AC_ARG_ENABLE(nocl,
1515 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1516 [
1517 if test "x${enableval}" != "x"; then
1518 AC_DEFINE(SH_STEALTH_NOCL)
1519 fi
1520 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1521 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1522 fi
1523 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1524 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1525 fi
1526 if test "x${enableval}" = "xstatus"; then
1527 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1528 fi
1529 if test "x${enableval}" = "xno"; then
1530 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1531 fi
1532 nocl_code="${enable_nocl}"
1533 ]
1534)
1535AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1536AC_SUBST(nocl_code)
1537AC_ARG_ENABLE(stealth,
1538 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1539 [AC_DEFINE(SH_STEALTH)
1540 if test "x${enableval}" != "xyes"; then
1541 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1542 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1543 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1544 if test x"${enableval}" = x0
1545 then
1546 :
1547 else
1548 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1549 fi
1550 fi
1551 xor_code="${enable_stealth}"
1552 else
1553 xor_code=0
1554 fi
1555 stegin_prg="samhain_stealth"
1556 ],
1557 [
1558 stegin_prg=
1559 ]
1560)
1561AC_ARG_ENABLE(micro-stealth,
1562 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1563 [
1564 AC_DEFINE(SH_STEALTH)
1565 AC_DEFINE(SH_STEALTH_MICRO)
1566 if test "x${enableval}" != "xyes"; then
1567 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1568 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1569 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1570 if test x"${enableval}" = x0
1571 then
1572 :
1573 else
1574 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1575 fi
1576 fi
1577 xor_code="${enable_micro_stealth}"
1578 else
1579 xor_code=0
1580 fi
1581 ]
1582)
1583install_name="samhain"
1584INSTALL_NAME="SAMHAIN"
1585AC_ARG_ENABLE(install-name,
1586 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1587 [
1588 if test "x${enableval}" != "xyes"; then
1589 install_name="${enableval}"
1590 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1591 else
1592 install_name="${sh_main_prg}"
1593 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1594 fi
1595 ],
1596 [
1597 install_name="${sh_main_prg}"
1598 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1599 ]
1600)
1601
1602
1603need_user_install=0
1604
1605AC_ARG_ENABLE(identity,
1606 [ --enable-identity=USER user if dropping root [[daemon]]],
1607 [
1608 if test x"$enableval" = xno; then
1609 myident="daemon"
1610 else
1611 myident="$enableval"
1612 fi
1613 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1614 AC_MSG_ERROR([--enable-identity: need username, not UID])
1615 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1616 grep "^${myident}:" | awk -F: '{ print $3; }'`
1617 if test x"${myident_uid}" = x; then
1618 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1619 need_user_install=1
1620 fi
1621 ],
1622 [
1623 for myident in ${install_name} daemon nobody; do
1624 AC_MSG_CHECKING(for user ${myident})
1625 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1626 grep "^${myident}:" | awk -F: '{ print $3; }'`
1627 if test x"${myident_uid}" != x; then
1628 AC_MSG_RESULT(yes)
1629 break;
1630 else
1631 AC_MSG_RESULT(no)
1632 fi
1633 done
1634 if test x"${myident_uid}" = x; then
1635 myident=${install_name}
1636 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1637 need_user_install=1
1638 fi
1639 ])
1640AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1641AC_SUBST(myident)
1642AC_SUBST(need_user_install)
1643
1644sh_insmod_cmd=": # no kernel module"
1645sh_lkm=""
1646lkm_inc=""
1647khidemap="/boot/System.map"
1648sh_syscalltable="0x0"
1649AC_ARG_ENABLE(khide,
1650 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1651 [
1652 if test "x${enable_khide}" != xno; then
1653 if test "x${enableval}" != "xyes"; then
1654 khidemap="${enableval}"
1655 fi
1656 sh_syscalltable=`grep 'D sys_call_table' ${khidemap} | awk '{print $1}'`
1657 if test x"$sh_syscalltable" = x; then
1658 sh_syscalltable=`grep 'd sys_call_table' ${khidemap} | awk '{print $1}'`
1659 if test x"$sh_syscalltable" = x; then
1660 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1661 fi
1662 fi
1663 sh_syscalltable="0x${sh_syscalltable}"
1664 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1665 if test "${install_name_len}" -gt 15 ; then
1666 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1667 fi
1668 AC_DEFINE(SH_USE_LKM)
1669 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1670
1671 # -- NEW --
1672 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1673 if test x"$kernel_version" = xLINUX26
1674 then
1675 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1676 if test x"$sh_modlist_lock" = x; then
1677 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1678 fi
1679 sh_modlist_lock="0x${sh_modlist_lock}"
1680 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1681
1682 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1683 if test x"$sh_list_modules" = x; then
1684 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1685 fi
1686 sh_list_modules="0x${sh_list_modules}"
1687 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1688
1689 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1690 sh_insmod_cmd="modprobe ${install_name}_hide"
1691 sh_lkm="samhain_hide.ko"
1692 else
1693 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1694 sh_lkm="samhain_hide.o samhain_erase.o"
1695 fi
1696 # -- END NEW --
1697
1698 kvers=`uname -r`
1699 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1700 lkm_inc="-I/lib/modules/${kvers}/build/include"
1701 else
1702 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1703 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1704 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1705 fi
1706 sh_is_vanilla_kernel=yes
1707 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1708 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1709 fi
1710 if test x"${sh_is_vanilla_kernel}" = xno; then
1711 echo "This is not a 2.4 vanilla kernel"
1712 else
1713 AC_DEFINE(SH_VANILLA_KERNEL)
1714 fi
1715 fi
1716 ]
1717)
1718AC_SUBST(lkm_inc)
1719AC_SUBST(sh_lkm)
1720AC_SUBST(sh_insmod_cmd)
1721AC_SUBST(install_name)
1722AC_SUBST(INSTALL_NAME)
1723AC_SUBST(stegin_prg)
1724AC_SUBST(xor_code)
1725
1726AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1727AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1728
1729
1730exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1731exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1732exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1733
1734AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1735AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1736AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1737
1738
1739AC_ARG_ENABLE(suidcheck,
1740 [ --enable-suidcheck check for suid/sgid files [[no]]],
1741 [
1742 if test "x${enableval}" = "xyes"; then
1743 AC_DEFINE(SH_USE_SUIDCHK)
1744 fi
1745 ]
1746)
1747
1748
1749systemmap="/boot/System.map"
1750sh_libkvm=""
1751AC_ARG_WITH(kcheck,
1752 [ --with-kcheck=SYSTEM_MAP check Linux kernel integrity [[/boot/System.map]]],
1753 [
1754 if test "x${withval}" != "xno"; then
1755 AC_DEFINE(SH_USE_KERN)
1756 kernelversion=`uname -r`
1757 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1758 if test "x${withval}" != "xyes"; then
1759 systemmap="${withval}"
1760 fi
1761 if test "x${cross_compiling}" = xyes; then
1762 :
1763 elif test "x$selectconfig" = "xfreebsd"; then
1764 LIBS="$LIBS -lkvm"
1765 sh_libkvm="-lkvm"
1766 elif test -f "${systemmap}"; then
1767 :
1768 else
1769 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1770 fi
1771 fi
1772 ]
1773)
1774AC_SUBST(systemmap)
1775AC_SUBST(sh_libkvm)
1776
1777AC_ARG_ENABLE(base,
1778 [ --enable-base=B1,B2 base key (0...2147483647)],
1779 [
1780 AC_MSG_CHECKING(base key setting)
1781 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1782 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1783 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1784 if test "x${my_key_A}" = x; then
1785 AC_MSG_ERROR([--enable-base: first base key has zero length])
1786 fi
1787 if test "x${my_key_B}" = x; then
1788 AC_MSG_ERROR([--enable-base: second base key has zero length])
1789 fi
1790 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1791 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1792 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1793 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1794 ],
1795 [
1796 AC_MSG_CHECKING(base key setting .. collecting entropy)
1797 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1798 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1799 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1800 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1801 my_key_A=`expr $my_key_1 \* 32767`
1802 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1803 my_key_A=`expr $my_key_A \+ $my_key_2`
1804 my_key_B=`expr $my_key_3 \* 32767`
1805 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1806 my_key_B=`expr $my_key_B \+ $my_key_4`
1807 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1808 ]
1809 )
1810AC_SUBST(my_key_A)
1811AC_SUBST(my_key_B)
1812
1813dnl low bytes
1814my_key_1=`expr $my_key_A \% 65536`
1815dnl high bytes
1816my_key_2=`expr $my_key_A \/ 65536`
1817dnl low bytes
1818my_key_3=`expr $my_key_B \% 65536`
1819dnl high bytes
1820my_key_4=`expr $my_key_B \/ 65536`
1821
1822dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1823
1824dnl touch ./sh_MK.h
1825dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1826dnl echo "#define SH_MK_H" >> ./sh_MK.h
1827dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1828dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1829dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1830dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1831dnl echo "#endif" >> ./sh_MK.h
1832AC_SUBST(my_key_1)
1833AC_SUBST(my_key_2)
1834AC_SUBST(my_key_3)
1835AC_SUBST(my_key_4)
1836
1837AC_MSG_CHECKING(key position)
1838pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1839pos_tf_2=`expr $pos_tf_1 \% 8`
1840pos_tf=`expr $pos_tf_2 + 1`
1841AC_MSG_RESULT(${pos_tf})
1842AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1843
1844mykeybase=`echo ${my_key_A},${my_key_B}`
1845AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1846AC_SUBST(mykeybase)
1847
1848
1849dnl
1850dnl GPG/PGP options
1851dnl
1852
1853AC_ARG_WITH(gpg,
1854 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1855 [
1856 if test "x${withval}" != "xno"; then
1857 if test "x${cross_compiling}" = xyes; then
1858 mygpg="${withval}"
1859 else
1860 if test -f "${withval}"; then
1861 mygpg="${withval}"
1862 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1863 if test "x$?" != "x0"; then
1864 mychktest=no
1865 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1866 if test x"${mychktest}" = xyes
1867 then
1868 :
1869 else
1870 if test -f ${sampre}
1871 then
1872 echo "use existing ${sampre} for gpg checksum"
1873 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1874 if test "x$?" != "x0"; then
1875 :
1876 else
1877 mychk="${mychk0}"
1878 mychktest=yes
1879 fi
1880 fi
1881 fi
1882 done
1883 if test x${mychktest} = xno; then
1884 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1885 echo "-------------------------------------------------------------"
1886 echo " Your gpg binary does not support the TIGER192 checksum, "
1887 echo " and I cannot find an existing samhain binary to use instead."
1888 echo " You can:"
1889 echo " (a) run make to compile a samhain binary, then repeat"
1890 echo " ./configure and make"
1891 echo " (b) ignore the failure. The checksum of the gpg binary"
1892 echo " will not get compiled in, thus allowing an attacker"
1893 echo " to replace gpg with a trojan and subverting the gpg"
1894 echo " signature verification of configure and database files."
1895 echo "-------------------------------------------------------------"
1896 fi
1897 else
1898 mychk="${mychk0}"
1899 fi
1900 else
1901 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1902 fi
1903 fi
1904 AC_DEFINE(WITH_GPG)
1905 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1906 AC_SUBST(mygpg)
1907 fi
1908 ]
1909)
1910
1911dnl AC_ARG_WITH(pgp,
1912dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1913dnl [myppg="$withval"
1914dnl AC_DEFINE(WITH_PGP)
1915dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1916dnl ])
1917
1918AC_ARG_WITH(checksum,
1919 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1920 [
1921 if test "x${withval}" != "xno"; then
1922 if test "x${withval}" != "xyes"; then
1923 if test "x${mychk}" != "x"; then
1924 if test "x${mychk}" != "x${withval}"; then
1925 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1926 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1927 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1928 fi
1929 fi
1930 mychk="${withval}"
1931 else
1932 if test "x${mychk}" = "x"; then
1933 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1934 fi
1935 fi
1936 AC_DEFINE(HAVE_GPG_CHECKSUM)
1937 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1938 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1939 fi
1940 ],
1941 [
1942 if test "x${mygpg}" != "x"; then
1943 if test "x${mychk}" != "x"; then
1944 AC_DEFINE(HAVE_GPG_CHECKSUM)
1945 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1946 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1947 fi
1948 fi
1949 ]
1950)
1951
1952AC_ARG_WITH(fp,
1953 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1954 [
1955 if test "x${withval}" != "xno"; then
1956 if test "x${withval}" != "xyes"; then
1957 withval0=`echo ${withval} | sed 's% %%g'`
1958 echo "${withval0}" | \
1959 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1960 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1961 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1962 sh_len0=`expr ${sh_len} \- 1`
1963 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1964 then
1965 myfp="${withval0}"
1966 AC_DEFINE(USE_FINGERPRINT)
1967 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1968 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1969 else
1970 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1971 fi
1972 else
1973 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1974 fi
1975 fi
1976 ])
1977
1978
1979dnl
1980dnl MAIL OPTIONS
1981dnl
1982
1983AC_ARG_WITH(recipient,
1984 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1985 [
1986 withval0=`echo ${withval} | sed 's%,% %g'`
1987 for sh_item in ${withval0}
1988 do
1989 case ${sh_item} in
1990 *@*.*)
1991 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
1992 if test "x${sh_tmp}" != "x1"
1993 then
1994 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1995 fi
1996 ;;
1997 *)
1998 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1999 ;;
2000 esac
2001 done
2002 myrcp="$withval0"
2003 ],
2004 [myrcp="NULL"])
2005AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2006
2007
2008AC_ARG_WITH(sender,
2009 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2010 [
2011 mysender="${withval}"
2012 ],
2013 [
2014 mysender="daemon"
2015 ])
2016AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2017
2018
2019dnl
2020dnl PATHS
2021dnl
2022
2023AC_ARG_WITH(trusted,
2024 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2025 [
2026 sh_tmp_test=no
2027 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2028 for sh_tmp1 in ${sh_tmp}
2029 do
2030 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2031 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2032 if test "x${sh_tmp1}" = "x0"
2033 then
2034 sh_tmp_test=yes
2035 fi
2036 done
2037 if test "x${sh_tmp_test}" = "xno"
2038 then
2039 withval="0,${withval}"
2040 fi
2041 mytrust="${withval}"
2042 ],
2043 [mytrust="0"] )
2044AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2045AC_SUBST(mytrust)
2046
2047AC_ARG_WITH(tmp-dir,
2048 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2049 [
2050 if test "x${cross_compiling}" = xyes; then
2051 :
2052 else
2053 if test -d "${withval}"; then
2054 my_tmp_dir="$withval"
2055 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2056 else
2057 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2058 fi
2059 fi
2060 ]
2061)
2062
2063dnl
2064dnl PATH DEFAULTS
2065dnl
2066
2067if test "x${ac_prefix_set}" = xyes
2068then
2069 if test "x${exec_prefix}" = xNONE
2070 then
2071 exec_prefix="${prefix}"
2072 fi
2073
2074 if test "x${prefix}" = xOPT
2075 then
2076 tmp_sbindir="/opt/${install_name}/bin"
2077 tmp_sysconfdir="/etc/opt"
2078 tmp_mandir="/opt/${install_name}/man"
2079 tmp_localstatedir="/var/opt/${install_name}"
2080 elif test "x${prefix}" = xUSR
2081 then
2082 tmp_sbindir="/usr/sbin"
2083 tmp_sysconfdir="/etc"
2084 tmp_mandir="/usr/share/man"
2085 tmp_localstatedir="/var"
2086 else
2087 tmp_sbindir=`eval echo ${sbindir}`
2088 tmp_sysconfdir=`eval echo ${sysconfdir}`
2089 tmp_mandir=`eval echo ${mandir}`
2090 tmp_localstatedir=`eval echo ${localstatedir}`
2091 fi
2092else
2093 prefix=""
2094 if test "x${ac_exec_prefix_set}" = xyes
2095 then
2096 tmp_sbindir=`eval echo ${sbindir}`
2097 else
2098 tmp_sbindir="/usr/local/sbin"
2099 fi
2100 tmp_sysconfdir="/etc"
2101 # share/man -> man (FHS) 11.10.2002
2102 tmp_mandir="/usr/local/man"
2103 tmp_localstatedir="/var"
2104fi
2105
2106
2107if test "x${ac_sbindir_set}" = xyes
2108then
2109 :
2110else
2111 sbindir=`eval echo ${tmp_sbindir}`
2112fi
2113
2114
2115if test "x${ac_sysconfdir_set}" = xyes
2116then
2117 :
2118else
2119 sysconfdir=`eval echo ${tmp_sysconfdir}`
2120fi
2121
2122if test "x${ac_mandir_set}" = xyes
2123then
2124 :
2125else
2126 mandir=`eval echo ${tmp_mandir}`
2127fi
2128
2129if test "x${ac_localstatedir_set}" = xyes
2130then
2131 :
2132else
2133 localstatedir=`eval echo ${tmp_localstatedir}`
2134fi
2135
2136
2137
2138AC_ARG_WITH(config-file,
2139 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2140 [
2141 myconffile="${withval}"
2142 changequote(<<, >>)dnl
2143 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2144 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2145 myrpmconffile="${tmp}"
2146 changequote([, ])dnl
2147 ],
2148 [
2149 myconffile="${sysconfdir}/${install_name}rc"
2150 myrpmconffile="${myconffile}"
2151 ]
2152)
2153AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2154AC_SUBST(myconffile)
2155AC_SUBST(myrpmconffile)
2156
2157AC_ARG_WITH(log-file,
2158 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2159 [
2160 mylogfile="$withval"
2161 changequote(<<, >>)dnl
2162 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2163 changequote([, ])dnl
2164 ],
2165 [
2166 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2167 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2168 mylogdir="${localstatedir}/log/${install_name}"
2169 else
2170 mylogfile="${localstatedir}/log/${install_name}_log"
2171 mylogdir="${localstatedir}/log"
2172 fi
2173 ]
2174)
2175AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2176AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2177AC_SUBST(mylogfile)
2178AC_SUBST(mylogdir)
2179
2180AC_ARG_WITH(pid-file,
2181 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2182 [
2183 mylockfile="$withval"
2184 changequote(<<, >>)dnl
2185 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2186 changequote([, ])dnl
2187 ],
2188 [
2189 mylockfile="${localstatedir}/run/${install_name}.pid"
2190 mylockdir="${localstatedir}/run"
2191 ]
2192)
2193AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2194AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2195AC_SUBST(mylockfile)
2196AC_SUBST(mylockdir)
2197
2198AC_ARG_WITH(state-dir,
2199 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2200 [
2201 mydataroot="$withval"
2202 ],
2203 [
2204 mydataroot="${localstatedir}/lib/${install_name}"
2205 ]
2206 )
2207AC_ARG_WITH(data-file,
2208 [ --with-data-file=FILE set path of data file],
2209 [
2210 mydatafile="$withval"
2211 changequote(<<, >>)dnl
2212 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2213 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2214 myrpmdatafile="${tmp}"
2215 changequote([, ])dnl
2216 if test x"${tmp}" = x
2217 then
2218 echo "No local path in data file ${withval}"
2219 echo "This will not work for initializing the database."
2220 if test x"${withval}" = xREQ_FROM_SERVER
2221 then
2222 echo "It should be REQ_FROM_SERVER/some/local/path"
2223 fi
2224 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2225 fi
2226 ],
2227 [
2228 mydatafile="${mydataroot}/${install_name}_file"
2229 myrpmdatafile="${mydatafile}"
2230 ])
2231AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2232AC_SUBST(mydatafile)
2233AC_SUBST(myrpmdatafile)
2234
2235AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2236AC_SUBST(mydataroot)
2237
2238AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2239AC_SUBST(myqdir)
2240
2241
2242AC_ARG_WITH(html-file,
2243 [ --with-html-file=FILE set path of html file,],
2244 [
2245 myhtmlfile="$withval"
2246 ],
2247 [
2248 myhtmlfile="${mylogdir}/${install_name}.html"
2249 ])
2250AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2251AC_SUBST(myhtmlfile)
2252
2253
2254mydefargs=$ac_configure_args
2255# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2256# then
2257# mydefargs="--enable-static $mydefargs"
2258# fi
2259if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2260then
2261 mydefargs="--enable-base=${mykeybase} $mydefargs"
2262fi
2263AC_SUBST(mydefargs)
2264
2265
2266AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2267AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2268AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2269
2270AC_CONFIG_HEADER(config.h)
2271
2272AC_OUTPUT(
2273[
2274Makefile
2275samhain-install.sh
2276init/samhain.startLSB
2277init/samhain.startLinux
2278init/samhain.startGentoo
2279init/samhain.startFreeBSD
2280init/samhain.startSolaris
2281init/samhain.startHPUX
2282init/samhain.startIRIX
2283samhain.spec
2284rules.deb
2285rules.deb-light
2286hp_ux.psf
2287scripts/samhain.spec
2288scripts/redhat_i386.client.spec
2289scripts/samhain.ebuild
2290scripts/samhain.ebuild-light
2291scripts/samhainadmin.pl
2292scripts/check_samhain.pl
2293deploy.sh
2294],
2295[
2296echo timestamp > stamp-h
2297chmod +x samhain-install.sh
2298chmod +x scripts/samhainadmin.pl
2299chmod +x scripts/check_samhain.pl
2300]
2301)
2302
2303chmod +x deploy.sh
2304
2305if test "x${cross_compiling}" = xyes
2306then
2307
2308echo "--------------------------------------------------------------"
2309echo
2310echo "You are using a cross-compiler. The following system dependent"
2311echo "values may have been set to default values that may be"
2312echo "incorrect for your target system: "
2313echo
2314echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2315echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2316echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2317echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2318echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2319echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2320echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2321echo
2322echo "If these values are incorrect, change them in the file "
2323echo "config.cache and run configure again."
2324echo
2325echo "--------------------------------------------------------------"
2326
2327fi
2328
2329if test x${silent} != xyes
2330then
2331
2332 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2333 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2334 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2335 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2336 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2337 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2338
2339 echo
2340 echo " samhain has been configured as follows:"
2341 echo " System binaries: ${sbindir}"
2342 echo " Configuration file: ${myconffile}"
2343 echo " Manual pages: ${mandir}"
2344 echo " Data: ${mydataroot}"
2345 echo " PID file: ${mylockfile}"
2346 echo " Log file: ${mylogfile}"
2347 echo " Base key: ${mykeybase}"
2348 echo
2349 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2350 then
2351 echo " Selected rc file: yulerc"
2352 else
2353 echo " Selected rc file: samhainrc.${selectconfig}"
2354 fi
2355
2356fi
2357
Note: See TracBrowser for help on using the repository browser.