source: trunk/configure.ac@ 50

Last change on this file since 50 was 50, checked in by rainer, 18 years ago

Fix for the fix in revision 48. Released as 2.2.1c

File size: 64.0 KB
Line 
1
2dnl We want to override the standard _AC_INIT_PARSE_ARGS
3dnl
4AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
5AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
6
7AC_INIT(src/samhain.c)
8
9
10AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
11
12dnl
13dnl start
14dnl
15AM_INIT_AUTOMAKE(samhain, 2.2.1c)
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23AC_PROG_CPP
24AC_PROG_INSTALL
25AC_PROG_LN_S
26AC_PROG_AWK
27AC_PATH_PROG(cmd_hostname,hostname)
28AC_SUBST(cmd_hostname)
29
30GCC_STACK_PROTECT_CC
31
32AC_HEADER_STDC
33dnl
34dnl first one is a dummy because of an autoconf bug
35dnl (no HAVE_... for first one)
36dnl
37AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
38
39
40AC_MSG_CHECKING([for host-specific issues])
41mydebugflag=no
42myneedg3=no
43uid_cast="signed long"
44selectconfig=linux
45mynetbsd=no
46sh_use_lcaps="undef"
47
48case "$host_os" in
49
50 *linux*)
51 sh_use_lcaps="yes"
52 AC_DEFINE(HOST_IS_LINUX)
53 AC_DEFINE(HAVE_EXT2_IOCTLS)
54 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
55 case "$host_cpu" in
56 i*86*)
57 AC_DEFINE(HOST_IS_I86LINUX)
58 ;;
59 *)
60 ;;
61 esac
62 ;;
63
64 *osf*)
65 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
66 if test "x$GCC" != "xyes"; then
67 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
68 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
69 myneedg3=yes
70 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
71 else
72 AC_MSG_RESULT(none)
73 fi
74 ;;
75
76 *cygwin*)
77 AC_DEFINE(HOST_IS_CYGWIN)
78 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
79 ;;
80
81 *darwin*)
82 AC_DEFINE(HOST_IS_DARWIN)
83 AC_MSG_RESULT(DARWIN check resource forks)
84 ;;
85
86 *freebsd*)
87 AC_DEFINE(HOST_IS_FREEBSD)
88 selectconfig=freebsd
89 AC_MSG_RESULT(none)
90 ;;
91
92 *openbsd*)
93 selectconfig=freebsd
94 AC_MSG_RESULT(none)
95 ;;
96
97 *netbsd*)
98 mynetbsd=yes
99 AC_MSG_RESULT(NETBSD bug with libresolve)
100 ;;
101
102 *solaris*)
103 selectconfig=solaris
104 AC_DEFINE(HOST_IS_SOLARIS)
105 case "$host_cpu" in
106 i*86)
107 AC_DEFINE(HOST_IS_I86SOLARIS)
108 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
109 ;;
110 *)
111 AC_MSG_RESULT(none)
112 ;;
113 esac
114 if test "x$GCC" != "xyes"; then
115 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
116 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
117 fi
118 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
119 CFLAGS="$CFLAGS -xO2"
120 fi
121 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
122 CFLAGS="$CFLAGS -Xa"
123 fi
124 LIBS="-lc $LIBS"
125 fi
126 ;;
127
128
129 *sun*)
130 selectconfig=solaris
131 AC_DEFINE(HOST_IS_SOLARIS)
132 AC_MSG_RESULT(none)
133 ;;
134
135 *aix*)
136 AC_DEFINE(HOST_IS_AIX)
137 selectconfig=aix5.2.0
138 uid_cast="unsigned long"
139 if test "x$GCC" != "xyes"; then
140 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
141 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
142 fi
143 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
144 CFLAGS="$CFLAGS -O3"
145 fi
146 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
147 CFLAGS="$CFLAGS -qstrict"
148 fi
149 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
150 else
151 AC_MSG_RESULT(AIX size_t in the accept call)
152 fi
153 ;;
154
155 *hpux*)
156 AC_MSG_RESULT(HPUX has not always h_errno defined)
157 AC_DEFINE(HOST_IS_HPUX)
158 if test "x$GCC" != "xyes"; then
159 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
160 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
161 fi
162 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
163 CFLAGS="$CFLAGS -fast"
164 fi
165 fi
166 ;;
167
168 *ultrix*)
169 AC_MSG_RESULT(ULTRIX getcwd uses popen)
170 AC_DEFINE(HAVE_BROKEN_GETCWD)
171 ;;
172
173 *)
174 AC_MSG_RESULT(none)
175 ;;
176esac
177
178AC_SUBST(selectconfig)
179AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
180
181
182dnl *****************************************
183dnl
184dnl checks for header files
185dnl
186dnl *****************************************
187
188AC_HEADER_DIRENT
189AC_HEADER_MAJOR
190AC_HEADER_TIME
191dnl used in minilzo.c
192AC_HEADER_STAT
193AC_DECL_SYS_SIGLIST
194
195AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
196 sys/vfs.h \
197 sys/select.h sys/socket.h netinet/in.h \
198 regex.h glob.h \
199 linux/ext2_fs.h ext2fs/ext2_fs.h \
200 elf.h linux/elf.h \
201 paths.h arpa/nameser.h arpa/nameser_compat.h,
202 [],
203 [],
204 [#include <sys/types.h>]
205)
206
207
208AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
209if test "x$sh_utmpx" = "xyes"; then
210 if cat "/usr/include/utmpx.h" 2>&5 |
211 egrep "WTMPX_FILE" >/dev/null 2>&1; then
212 AC_DEFINE(HAVE_UTMPX_H)
213 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
214 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
215 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
216 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
217 else
218 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
219 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
220 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
221 fi
222else
223 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
224 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
225fi
226
227dnl need to check because AIX 4.2 does not have it
228dnl
229AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
230#ifdef HAVE_SYS_TYPES_H
231#include <sys/types.h>
232#endif
233#ifdef HAVE_SYS_STAT_H
234#include <sys/stat.h>
235#endif
236#ifdef HAVE_SYS_VFS_H
237#include <sys/vfs.h>
238#endif
239#ifdef HAVE_UNISTD_H
240#include <unistd.h>
241#endif
242])
243
244AC_SYS_LARGEFILE
245
246dnl
247dnl check whether _POSIX_SOURCE is required
248dnl
249SAMHAIN_POSIX
250
251
252dnl *****************************************
253dnl
254dnl Checks for library functions.
255dnl
256dnl *****************************************
257AC_FUNC_STRFTIME
258AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
259 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
260 seteuid setreuid setresuid lstat getwd getcwd ptrace \
261 usleep setpriority getpeereid nanosleep \
262 strptime basename sched_yield \
263 inet_aton gethostbyname setutent setrlimit gethostname uname \
264 initgroups getpagesize \
265 ttyname fchmod
266)
267AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
268SL_CHECK_VA_COPY
269AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
270AC_CHECK_MLOCK
271
272AC_MSG_CHECKING(how to get filesystem type)
273fstype=no
274# The order of these tests is important.
275AC_TRY_CPP([#include <sys/statvfs.h>
276#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
277if test $fstype = no; then
278AC_TRY_CPP([#include <sys/statfs.h>
279#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
280fi
281if test $fstype = no; then
282AC_TRY_CPP([#include <sys/statfs.h>
283#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
284fi
285if test $fstype = no; then
286AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
287fi
288if test $fstype = no; then
289AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
290fi
291if test $fstype = no; then
292AC_TRY_CPP([#include <sys/mount.h>
293#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
294fi
295AC_MSG_RESULT($fstype)
296
297sh_libsocket=
298
299dnl Solaris needs -lsocket and -lnsl. Unisys system includes
300dnl gethostbyname in libsocket but needs libnsl for socket.
301AC_CHECK_LIB(nsl, gethostbyname)
302AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
303if test x$ac_need_libsocket = x1; then
304 LIBS="$LIBS -lsocket"
305 sh_libsocket="-lsocket"
306fi
307if test x$ac_try_nsl = x1; then
308 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
309 if test x$ac_need_libnsl = x1
310 then
311 LIBS="$LIBS -lnsl"
312 fi
313fi
314AC_SUBST(sh_libsocket)
315
316AC_CHECK_LIB(socket, res_search, [
317 AC_CHECK_LIB(resolv, dn_skipname)
318 AC_CHECK_LIB(resolv, __dn_skipname)
319 if test x$ac_need_libsocket = x1; then
320 :
321 else
322 LIBS="$LIBS -lsocket"
323 fi
324 ], [
325 AC_CHECK_LIB(resolv, res_search, [
326 LIBS="$LIBS -lresolv"
327 ], [
328 AC_CHECK_LIB(resolv, dn_skipname)
329 AC_CHECK_LIB(resolv, __dn_skipname)
330 ])
331 ])
332
333dnl arguments for accept
334
335dnl check for Unix98 socklen_t (found on
336dnl xemacs-patches mailing list, written
337dnl by Martin Buchholz)
338dnl
339dnl On Darwin(MacOSX) socklen_t needs to be
340dnl an int (see accept man page), on all other
341dnl unix systems we need a size_t.
342
343AC_MSG_CHECKING(for socklen_t)
344AC_TRY_COMPILE([
345#ifdef HAVE_SYS_TYPES_H
346#include <sys/types.h>
347#endif
348#ifdef HAVE_SYS_SOCKET_H
349#include <sys/socket.h>
350#endif
351 socklen_t x;
352], [],[
353 AC_MSG_RESULT(yes)
354 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
355 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
356],[
357 AC_TRY_COMPILE([
358#ifdef HAVE_SYS_TYPES_H
359#include <sys/types.h>
360#endif
361#ifdef HAVE_SYS_SOCKET_H
362#include <sys/socket.h>
363#endif
364 int accept (int, struct sockaddr *, size_t *);
365 ],[],[
366 AC_MSG_RESULT(size_t)
367 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
368 ], [
369 AC_MSG_RESULT(int)
370 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
371 ]
372 )
373])
374
375
376dnl *****************************************
377dnl checks for typedefs
378dnl *****************************************
379
380AC_C_LONG_DOUBLE
381SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
382if test "$sh_HAVE_LONG_LONG" = "yes"; then
383 AC_CHECK_SIZEOF(unsigned long long, 4)
384 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
385 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
386 fi
387fi
388
389AC_CHECK_TYPE(ptrdiff_t, long)
390AC_TYPE_SIZE_T
391AC_CHECK_SIZEOF(char *, 4)
392AC_CHECK_SIZEOF(size_t, 4)
393
394AC_CHECK_SIZEOF(unsigned long, 4)
395AC_CHECK_SIZEOF(unsigned int , 4)
396AC_CHECK_SIZEOF(unsigned short, 2)
397
398
399if test "$ac_cv_sizeof_unsigned_long" = "4"; then
400 AC_DEFINE(HAVE_LONG_32)
401fi
402if test "$ac_cv_sizeof_unsigned_long" = "8"; then
403 AC_DEFINE(HAVE_LONG_64)
404fi
405if test "$ac_cv_sizeof_unsigned_int" = "4"; then
406 AC_DEFINE(HAVE_INT_32)
407fi
408
409dnl
410dnl For Alpha
411dnl
412if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
413 AC_DEFINE(HAVE_INT_32)
414fi
415if test "$ac_cv_sizeof_unsigned_short" = "4"; then
416 AC_DEFINE(HAVE_SHORT_32)
417fi
418
419dnl
420dnl check for 64 bit programming environment
421dnl
422SAMHAIN_64
423
424
425dnl *****************************************
426dnl checks for structures
427dnl *****************************************
428
429AC_STRUCT_TM
430
431dnl
432dnl from e2fsprogs
433dnl
434AC_MSG_CHECKING(whether struct stat has a st_flags field)
435AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
436 AC_TRY_COMPILE([#include <sys/stat.h>],
437 [struct stat stat; stat.st_flags = 0;],
438 [e2fsprogs_cv_struct_st_flags=yes],
439 [e2fsprogs_cv_struct_st_flags=no]))
440AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
441if test "$e2fsprogs_cv_struct_st_flags" = yes; then
442 AC_MSG_CHECKING(whether st_flags field is useful)
443 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
444 AC_TRY_COMPILE([#include <sys/stat.h>],
445 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
446 [e2fsprogs_cv_struct_st_flags_immut=yes],
447 [e2fsprogs_cv_struct_st_flags_immut=no]))
448 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
449 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
450 AC_DEFINE(HAVE_STAT_FLAGS)
451 fi
452fi
453
454dnl
455dnl from dbus
456dnl
457AC_MSG_CHECKING(for struct cmsgcred)
458AC_TRY_COMPILE([
459#include <sys/types.h>
460#include <sys/socket.h>
461],[
462struct cmsgcred cred;
463
464cred.cmcred_pid = 0;
465],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
466AC_MSG_RESULT($sh_have_struct_cmsgcred)
467
468if test x$sh_have_struct_cmsgcred = xyes; then
469 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
470fi
471
472AC_MSG_CHECKING(for struct fcred)
473AC_TRY_COMPILE([
474#include <sys/param.h>
475#include <sys/socket.h>
476#include <sys/ucred.h>
477],[
478struct fcred sockcred;
479],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
480AC_MSG_RESULT($sh_have_struct_fcred)
481
482if test x$sh_have_struct_fcred = xyes; then
483 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
484fi
485
486AC_MSG_CHECKING(for struct sockcred)
487AC_TRY_COMPILE([
488#include <sys/param.h>
489#include <sys/socket.h>
490#include <sys/ucred.h>
491],[
492struct sockcred sockcred;
493],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
494AC_MSG_RESULT($sh_have_struct_sockcred)
495
496if test x$sh_have_struct_sockcred = xyes; then
497 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
498fi
499
500AC_MSG_CHECKING(for SO_PEERCRED)
501AC_TRY_COMPILE([
502#include <sys/types.h>
503#include <sys/socket.h>
504],[
505int test = SO_PEERCRED;
506],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
507AC_MSG_RESULT($sh_have_SO_PEERCRED)
508
509if test x$sh_have_SO_PEERCRED = xyes; then
510 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
511fi
512
513
514dnl *****************************************
515dnl checks for compiler characteristics
516dnl *****************************************
517AC_C_INLINE
518AC_C_CONST
519AC_C_BIGENDIAN
520
521AM_SA_SIGACTION_WORKS
522
523dnl *****************************************
524dnl
525dnl checks for system services
526dnl
527dnl *****************************************
528
529dnl
530dnl check for GNU gmp
531dnl
532AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
533if test "x${sh_have_gmp}" = xno
534then
535 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
536fi
537if test "x${sh_have_gmp}" = xyes
538then
539 # LIBS="-lgmp $LIBS"
540 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
541fi
542AC_CHECK_HEADERS(gmp.h)
543
544
545dnl *****************************************
546dnl
547dnl enable features
548dnl
549dnl *****************************************
550
551AC_ARG_ENABLE(db-reload,
552 [ --enable-db-reload enable database reload on SIGHUP [no]],
553 [
554 if test "x${enable_db_reload}" = xyes; then
555 AC_DEFINE(RELOAD_DATABASE)
556 fi
557 ]
558)
559
560AC_ARG_ENABLE(xml-log,
561 [ --enable-xml-log enable XML logfile format [[no]]],
562 [
563 if test "x${enable_xml_log}" = xyes; then
564 AC_DEFINE(SH_USE_XML)
565 fi
566 ]
567)
568
569
570AC_ARG_ENABLE(mail,
571 [ --disable-mail disable the internal SMTP mailer],
572 [
573 if test "x${enable_mail}" = xno; then
574 :
575 else
576 AC_DEFINE(SH_WITH_MAIL)
577 fi
578 ],
579 [AC_DEFINE(SH_WITH_MAIL)]
580)
581
582AC_ARG_ENABLE(external-scripts,
583 [ --disable-external-scripts disable interface to external scripts],
584 [
585 if test "x${enableval}" = xno; then
586 :
587 else
588 AC_DEFINE(WITH_EXTERNAL)
589 fi
590 ],
591 [AC_DEFINE(WITH_EXTERNAL)]
592)
593
594AC_ARG_ENABLE(message-queue,
595 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
596 [
597 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
598 if test "x${enable_message_queue}" = xyes; then
599 AC_DEFINE(WITH_MESSAGE_QUEUE)
600 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
601 elif test "x${enable_message_queue}" != xno; then
602 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
603 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
604 echo "${enableval}" | \
605 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
606 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
607 AC_DEFINE(WITH_MESSAGE_QUEUE)
608 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
609 fi
610 else
611 echo
612 echo "**********************************************"
613 echo
614 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
615 echo
616 echo "**********************************************"
617 echo
618 fi
619 ]
620)
621
622AC_ARG_WITH(cflags,
623 [ --with-cflags additional flags to pass to compiler],
624 [
625 if test "x$withval" != "xno" ; then
626 CFLAGS="$CFLAGS $withval"
627 fi
628 ]
629)
630AC_ARG_WITH(libs,
631 [ --with-libs additional libraries to link with],
632 [
633 if test "x$withval" != "xno" ; then
634 LIBS="$LIBS $withval"
635 fi
636 ]
637)
638
639
640#
641# this is from ssh
642#
643AC_MSG_CHECKING(whether to use libwrap)
644LIBWRAP_LIB=""
645LIBWRAP_INC=""
646AC_ARG_WITH(libwrap,
647[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
648[ AC_MSG_RESULT($withval)
649 case "$withval" in
650 no)
651 ;;
652 ""|yes)
653 LIBWRAP_LIB="-lwrap"
654 ;;
655 *)
656 if test -d "$withval"; then
657 LIBWRAP_LIB="-L$withval -lwrap"
658 changequote(<<, >>)dnl
659 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
660 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
661 changequote([, ])dnl
662 else
663 LIBWRAP_LIB="-lwrap"
664 changequote(<<, >>)dnl
665 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
666 LIBWRAP_INC="-I${sh_libwrap_inc}"
667 changequote([, ])dnl
668 fi
669 ;;
670 esac
671 if test -n "$LIBWRAP_LIB"; then
672 # OLDLIBS="$LIBS"
673 LIBS="$LIBWRAP_LIB $LIBS"
674 # OLDCFLAGS="$CFLAGS"
675 CFLAGS="$CFLAGS $LIBWRAP_INC"
676 AC_CHECK_HEADER(tcpd.h,
677 [],
678 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
679 AC_TRY_LINK([ #include <tcpd.h>
680 int allow_severity; int deny_severity; ],
681 [ hosts_access((struct request_info *) 0); ],
682 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
683 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
684 fi ],
685 AC_MSG_RESULT(no)
686)
687
688
689#
690# this is from the snort configure.in
691#
692AC_DEFUN(FAIL_MESSAGE,[
693 echo
694 echo
695 echo "**********************************************"
696 echo " ERROR: unable to find" $1
697 echo " checked in the following places"
698 for i in `echo $2`; do
699 echo " $i"
700 done
701 echo "**********************************************"
702 echo
703 exit
704])
705
706AC_ARG_WITH(libprelude-prefix,
707 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
708 libprelude_config_prefix="$withval", libprelude_config_prefix="")
709
710AC_MSG_CHECKING(whether to use prelude)
711AC_ARG_WITH(prelude,
712 [ --with-prelude Prelude IDS support [[no]]],
713 [
714 if test "x${withval}" = "xno"; then
715 AC_MSG_RESULT(no)
716 else
717 AC_MSG_RESULT(yes)
718 if test x$libprelude_config_prefix != x ; then
719 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
720 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
721 fi
722 fi
723
724 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
725 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
726 HAVE_PRELUDE_CONFIG=no
727 else
728 HAVE_PRELUDE_CONFIG=yes
729 fi
730dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
731 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
732 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
733 case "$sh_libprelude_version" in
734 0.8*)
735 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
736 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
737 LIBS="$LIBS ${sh_prelude_libs}"
738 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
739 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
740 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
741 ;;
742 *)
743 AM_PATH_LIBPRELUDE([0.9.6],
744 [
745 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
746 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
747 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
748 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
749 LIBS="$LIBS $LIBPRELUDE_LIBS"
750 ],
751 [
752 AC_MSG_ERROR([Could not find libprelude.])
753 ])
754 ;;
755 esac
756 else
757 AC_MSG_ERROR([Could not find libprelude.])
758 fi
759 fi
760 ],
761 [
762 AC_MSG_RESULT(no)
763 ]
764)
765
766dnl AC_MSG_CHECKING(whether to use prelude)
767dnl AC_ARG_WITH(prelude,
768dnl [ --with-prelude Prelude IDS support [[no]]],
769dnl [
770dnl if test "x${withval}" = "xno"; then
771dnl AC_MSG_RESULT(no)
772dnl else
773dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
774dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
775dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
776dnl sh_prelude_cflags=`libprelude-config --cflags`
777dnl LIBS="$LIBS ${sh_prelude_libs}"
778dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
779dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
780dnl else
781dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
782dnl fi
783dnl fi
784dnl ],
785dnl AC_MSG_RESULT(no)
786dnl )
787
788AC_ARG_ENABLE(static,
789 [ --enable-static enable static linking (recommended) [[no]]],
790 [
791 if test x$enable_static = xyes; then
792 if test x"$mynetbsd" = xyes
793 then
794 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
795 LIBS="${tmp_LIBS}"
796 fi
797 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
798 if test "x$GCC" = "xyes"; then
799 LDFLAGS="$LDFLAGS -static"
800 else
801 case "$host_os" in
802
803 *aix*)
804 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
805 ;;
806
807 *hpux*)
808 LDFLAGS="$LDFLAGS -Wl,-a,archive"
809 ;;
810
811 *osf*)
812 LDFLAGS="$LDFLAGS -non_shared"
813 ;;
814
815 *irix*)
816 LDFLAGS="$LDFLAGS -non_shared"
817 ;;
818
819 *sco*)
820 LDFLAGS="$LDFLAGS -dn"
821 ;;
822
823 *sun*)
824 LDFLAGS="$LDFLAGS -Bstatic"
825 ;;
826
827 *solaris*)
828 LDFLAGS="$LDFLAGS -Bstatic"
829 ;;
830
831 *)
832 echo "***********************************************"
833 echo "*"
834 echo "* Don't know how to enable static linking"
835 echo "* with your compiler. Please set the environment"
836 echo "* variable LDFLAGS to:"
837 echo "* ${LDFLAGS} + the static linking flag"
838 echo "* and run configure again"
839 echo "*"
840 echo "***********************************************"
841 ;;
842
843 esac
844 fi
845 fi
846 ]
847)
848
849#
850# partly based on the snort configure.in
851#
852AC_ARG_WITH(database,
853 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
854 [
855 if test x"$enable_xml_log" != xyes; then
856 AC_MSG_ERROR([--with-database: --enable-xml-log required])
857 fi
858 if test "x${withval}" = "xmysql"; then
859 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
860 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
861 # echo "mysql_config found"
862 sh_mysql_libs="`mysql_config --libs`"
863 # echo ${sh_mysql_libs}
864 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
865 # echo $mysql_libs
866 # save_libs="$LIBS"
867 # LIBS="$LIBS `mysql_config --libs`"
868 # echo $LIBS
869 LIBS="$LIBS ${sh_mysql_libs}"
870 # echo $LIBS
871 sh_mysql_cflags="`mysql_config --cflags`"
872 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
873 # CFLAGS="$CFLAGS `mysql_config --cflags`"
874 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
875 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
876 else
877 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
878 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
879
880 for i in $mysql_directory; do
881 if test -r $i/include/mysql/mysql.h; then
882 MYSQL_DIR=$i
883 MYSQL_INC_DIR=$i/include
884 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
885 fi
886 done
887 if test -z "$MYSQL_DIR"; then
888 for i in $mysql_directory; do
889 if test -r $i/include/mysql.h; then
890 MYSQL_DIR=$i
891 MYSQL_INC_DIR=$i/include
892 fi
893 done
894 fi
895
896 if test -z "$MYSQL_DIR"; then
897 tmp=""
898 for i in $mysql_directory; do
899 tmp="$tmp $i/include $i/include/mysql"
900 done
901 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
902 fi
903
904 for i in lib lib/mysql; do
905 str="$MYSQL_DIR/$i/libmysqlclient.*"
906 for j in `echo $str`; do
907 if test -r $j; then
908 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
909 break 2
910 fi
911 done
912 done
913
914 if test -z "$MYSQL_LIB_DIR"; then
915 for ff in $mysql_directory; do
916 for i in lib lib/mysql; do
917 str="$ff/$i/libmysqlclient.*"
918 for j in `echo $str`; do
919 if test -r $j; then
920 MYSQL_LIB_DIR="$ff/$i"
921 break 3
922 fi
923 done
924 done
925 done
926 fi
927
928 if test -z "$MYSQL_LIB_DIR"; then
929 tmp=""
930 for i in $mysql_directory; do
931 tmp="$i/lib $i/lib/mysql"
932 done
933 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
934 fi
935
936 AC_MSG_RESULT(yes)
937 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
938 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
939 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
940 fi
941 AC_DEFINE(WITH_MYSQL)
942 AC_DEFINE(WITH_DATABASE)
943 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
944 AC_MSG_CHECKING(for zlib)
945 if test "$zlib_cv_libz" = "yes"
946 then
947 LIBS="$LIBS -lz -lm"
948 AC_MSG_RESULT(ok)
949 else
950 AC_MSG_RESULT(failed)
951 echo
952 echo " Either the mysql or the zlib library was not found"
953 echo " or was unusable, maybe because an old, incompatible"
954 echo " version is installed on your system, eg compiled from"
955 echo " source long time ago. See config.log for the error"
956 echo " message from the compiler."
957 echo " Please review your installed mysql and zlib libraries"
958 echo " and/or use --with-libs=-L/path/to/libdirectory"
959 echo " where libdirectory is the directory holding libmysql"
960 echo " or libz."
961 if test x"$enable_static" = xyes; then
962 echo " Note that for compiling a static binary, you need"
963 echo " the static libraries, rather than the shared ones."
964 fi
965 echo
966 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
967 fi
968 AC_CHECK_HEADERS(mysql/mysql.h)
969 elif test "x${withval}" = "xpostgresql"; then
970 AC_DEFINE(WITH_POSTGRES)
971 AC_DEFINE(WITH_DATABASE)
972 #
973 PGCONF="no"
974 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
975 OLD_IFS="$IFS"
976 IFS=":"
977 for ff in ${MY_PATH}
978 do
979 if test -f "$ff/pg_config"
980 then
981 PGCONF="$ff/pg_config"
982 fi
983 done
984 IFS="${OLD_IFS}"
985 #
986 #
987 if test "x${PGCONF}" = "xno"
988 then
989 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
990 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
991 for i in $pgsql_directory; do
992 if test -r $i/include/pgsql/libpq-fe.h; then
993 PGSQL_INC_DIR=$i/include
994 PGSQL_DIR=$i
995 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
996 fi
997 done
998 if test -z "$PGSQL_DIR"; then
999 for i in $pgsql_directory; do
1000 if test -r $i/include/libpq-fe.h; then
1001 PGSQL_INC_DIR=$i/include
1002 PGSQL_DIR=$i
1003 fi
1004 done
1005 fi
1006
1007 if test -z "$PGSQL_DIR"; then
1008 tmp=""
1009 for i in $pgsql_directory; do
1010 tmp="$tmp $i/include $i/include/pgsql"
1011 done
1012 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1013 fi
1014
1015 for i in lib lib/pgsql; do
1016 str="$PGSQL_DIR/$i/libpq.*"
1017 for j in `echo $str`; do
1018 if test -r $j; then
1019 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1020 break 2
1021 fi
1022 done
1023 done
1024
1025 if test -z "$PGSQL_LIB_DIR"; then
1026 for ff in $pgsql_directory; do
1027 for i in lib lib/pgsql; do
1028 str="$ff/$i/libpq.*"
1029 for j in `echo $str`; do
1030 if test -r $j; then
1031 PGSQL_LIB_DIR="$ff/$i"
1032 break 3
1033 fi
1034 done
1035 done
1036 done
1037 fi
1038
1039 if test -z "$PGSQL_LIB_DIR"; then
1040 tmp=""
1041 for i in $pgsql_directory; do
1042 tmp="$i/lib $i/lib/pgsql"
1043 done
1044 FAIL_MESSAGE("postgresql library libpq", $tmp)
1045 fi
1046
1047 AC_MSG_RESULT(yes)
1048
1049 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1050 if test x"$enable_static" = xyes; then
1051 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1052 else
1053 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1054 fi
1055 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1056 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1057 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1058 else
1059 pg_lib_dir=`${PGCONF} --libdir`
1060 if test x"$enable_static" = xyes; then
1061 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1062 else
1063 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1064 fi
1065 pg_inc_dir=`${PGCONF} --includedir`
1066 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1067 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1068 fi
1069 elif test "x${withval}" = "xodbc"; then
1070 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1071 odbc_directory="/usr /usr/local"
1072
1073 for i in $odbc_directory; do
1074 if test -r $i/include/sql.h; then
1075 if test -r $i/include/sqlext.h; then
1076 if test -r $i/include/sqltypes.h; then
1077 ODBC_DIR=$i
1078 ODBC_INC_DIR=$i/include
1079 fi
1080 fi
1081 fi
1082 done
1083
1084 if test -z "$ODBC_DIR"; then
1085 tmp=""
1086 for i in $odbc_directory; do
1087 tmp="$tmp $i/include"
1088 done
1089 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1090 fi
1091
1092 str="$ODBC_DIR/lib/libodbc.*"
1093 for j in `echo $str`; do
1094 if test -r $j; then
1095 ODBC_LIB_DIR="$ODBC_DIR/lib"
1096 ODBC_LIB="odbc"
1097 fi
1098 done
1099
1100 if test -z "$ODBC_LIB_DIR"; then
1101 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1102 fi
1103
1104 AC_MSG_RESULT(yes)
1105 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1106 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1107 AC_DEFINE(WITH_ODBC)
1108 AC_DEFINE(WITH_DATABASE)
1109
1110 elif test "x${withval}" = "xoracle"; then
1111 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1112 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1113 for i in $oracle_directory; do
1114 if test -r $i/rdbms/demo/oci.h; then
1115 ORACLE_DIR=$i
1116 fi
1117 done
1118
1119 if test -z "$ORACLE_DIR"; then
1120 tmp=""
1121 for i in $oracle_directory; do
1122 tmp="$tmp $i/rdbms/demo"
1123 done
1124 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1125 else
1126 for i in rdbms/demo rdbms/public network/public; do
1127 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1128 done
1129 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1130 AC_MSG_RESULT(yes)
1131
1132 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1133
1134 ORACLE_LIBS="-lclntsh"
1135 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1136 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1137 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1138 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1139 fi
1140 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1141 if test "x$GCC" != "xyes"; then
1142 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1143 fi
1144 fi
1145 AC_DEFINE(WITH_ORACLE)
1146 AC_DEFINE(WITH_DATABASE)
1147
1148 else
1149 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1150 fi
1151 ]
1152)
1153
1154AC_ARG_WITH(console,
1155 [ --with-console=PATH set path to console device [[/dev/console]]],
1156 [
1157 if test "x${withval}" != xno; then
1158 mycons="$withval"
1159 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1160 fi
1161 ])
1162
1163AC_ARG_WITH(altconsole,
1164 [ --with-altconsole=PATH set path to second console device [[none]]],
1165 [
1166 if test "x${withval}" != xno; then
1167 myaltcons="$withval"
1168 else
1169 myaltcons="NULL"
1170 fi
1171 ],
1172 [myaltcons="NULL"])
1173AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1174
1175AC_ARG_WITH(timeserver,
1176 [ --with-timeserver=HOST set host address for time server [[none]]],
1177 [
1178 if test "x${withval}" != xno; then
1179 mytimeserv="$withval"
1180 AC_DEFINE(HAVE_NTIME)
1181 else
1182 mytimeserv="NULL"
1183 fi
1184 ],
1185 mytimeserv="NULL")
1186AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1187
1188AC_ARG_WITH(alttimeserver,
1189 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1190 [
1191 if test "x${withval}" != xno; then
1192 myalttimeserv="$withval"
1193 AC_DEFINE(HAVE_NTIME)
1194 else
1195 myalttimeserv="NULL"
1196 fi
1197 ],
1198 myalttimeserv="NULL")
1199AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1200
1201AC_ARG_ENABLE(login-watch,
1202 [ --enable-login-watch watch for login/logout [[no]]],
1203 [
1204 if test "x${enable_login_watch}" = xyes; then
1205 AC_DEFINE(SH_USE_UTMP)
1206 fi
1207 ]
1208)
1209
1210AC_ARG_ENABLE(mounts-check,
1211 [ --enable-mounts-check check mount options on filesystems [[no]]],
1212 [
1213 if test "x${enable_mounts_check}" = xyes; then
1214 AC_DEFINE(SH_USE_MOUNTS)
1215 fi
1216 ]
1217)
1218
1219AC_ARG_ENABLE(userfiles,
1220 [ --enable-userfiles check for users' config files [[no]]],
1221 [
1222 if test "x${enableval}" = "xyes"; then
1223 AC_DEFINE(SH_USE_USERFILES)
1224 fi
1225 ]
1226)
1227
1228AC_ARG_ENABLE(debug,
1229 [ --enable-debug enable debug options [[no]]],
1230 [
1231 if test "x${enable_debug}" = "xyes"; then
1232 if test "x${mydebugflag}" != "xyes"; then
1233 AC_DEFINE(MEM_DEBUG)
1234 fi
1235 AC_DEFINE(WITH_TPT)
1236 AC_DEFINE(SL_DEBUG)
1237 AC_DEFINE(SL_FAIL_ON_ERROR)
1238 if test "x${myneedg3}" = "xyes"; then
1239 mydebugdef="-g3"
1240 else
1241 mydebugdef="-g"
1242 fi
1243 mydebugit="yes"
1244 fi
1245 ]
1246)
1247AC_SUBST(mydebugdef)
1248
1249AC_ARG_ENABLE(ptrace,
1250 [ --enable-ptrace use anti-debugger options [[no]]],
1251 [
1252 if test "x${enable_ptrace}" = xyes; then
1253 if test "x$mydebugit" != "xyes"; then
1254 AC_DEFINE(SCREW_IT_UP)
1255 fi
1256 fi
1257 ]
1258)
1259
1260dnl
1261if test "x$GCC" = "xyes"; then
1262 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1263 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1264 fi
1265
1266dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1267dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1268dnl fi
1269
1270 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1271 CFLAGS="$CFLAGS -Wall -W "
1272 fi
1273
1274 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1275 then
1276 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1277 then
1278 CFLAGS="$CFLAGS -fno-strength-reduce"
1279 fi
1280 fi
1281
1282 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1283 then
1284 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1285 then
1286 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1287 fi
1288 fi
1289
1290fi
1291
1292AC_MSG_CHECKING([which random module to use])
1293AC_ARG_WITH(rnd,
1294 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1295[use_static_rnd=$withval], [use_static_rnd=default] )
1296
1297if test "$use_static_rnd" = no; then
1298 use_static_rnd=default
1299fi
1300
1301case "$use_static_rnd" in
1302 egd | dev | unix | default )
1303 AC_MSG_RESULT($use_static_rnd)
1304 ;;
1305 * )
1306 AC_MSG_RESULT([invalid argument])
1307 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1308 ;;
1309esac
1310
1311AC_ARG_WITH(egd-socket,
1312 [ --with-egd-socket=NAME EGD socket name],
1313 egd_socket_name="$withval", egd_socket_name="" )
1314AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1315
1316dnl
1317dnl See whether the user wants to disable checking for /dev/random
1318
1319try_dev_random=yes
1320
1321case "$use_static_rnd" in
1322dev | default )
1323 try_dev_random=yes
1324 ;;
1325egd)
1326 AC_DEFINE(HAVE_EGD_RANDOM)
1327 try_dev_random=no
1328 ;;
1329unix)
1330 AC_DEFINE(HAVE_UNIX_RANDOM)
1331 try_dev_random=no
1332 ;;
1333esac
1334
1335
1336if test "x$try_dev_random" = "xyes"; then
1337 AC_MSG_CHECKING(whether /dev/random exists)
1338 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1339 AC_DEFINE(HAVE_URANDOM)
1340 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1341 AC_MSG_RESULT(yes)
1342 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1343 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1344 fi
1345 else
1346 if test -r "/dev/random" && test -c "/dev/random"; then
1347 AC_DEFINE(HAVE_URANDOM)
1348 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1349 AC_MSG_RESULT(yes)
1350 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1351 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1352 fi
1353 else
1354 AC_MSG_RESULT(no)
1355 AC_DEFINE(HAVE_UNIX_RANDOM)
1356 fi
1357 fi
1358fi
1359
1360
1361dnl
1362dnl NETWORK OPTIONS
1363dnl
1364
1365
1366AC_ARG_ENABLE(network,
1367 [ --enable-network=[[client|server]] compile client or server [[no]]],
1368 [
1369 if test "x$enable_network" = xclient; then
1370 mytclient="-DSH_WITH_CLIENT"
1371 yulectl_prg=
1372 setpwd_prg="samhain_setpwd"
1373 sh_main_prg="samhain"
1374 if test "x${sh_have_gmp}" = xyes
1375 then
1376 LIBS="-lgmp $LIBS"
1377 fi
1378dnl AC_CHECK_HEADER(sys/capability.h,
1379dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1380dnl [sh_use_lcaps="no"])
1381 elif test "x$enable_network" = xserver; then
1382 mytclient="-DSH_WITH_SERVER"
1383 yulectl_prg="yulectl"
1384 setpwd_prg="samhain_setpwd"
1385 sh_main_prg="yule"
1386 if test "x${sh_have_gmp}" = xyes
1387 then
1388 LIBS="-lgmp $LIBS"
1389 fi
1390 sh_use_lcaps="undef"
1391 elif test "x$enable_network" = xno; then
1392 mytclient="-DSH_STANDALONE"
1393 yulectl_prg=
1394 setpwd_prg=
1395 sh_main_prg="samhain"
1396dnl AC_CHECK_HEADER(sys/capability.h,
1397dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1398dnl [sh_use_lcaps="no"])
1399 else
1400 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1401 fi
1402 ],
1403 [
1404 mytclient="-DSH_STANDALONE"
1405 setpwd_prg=
1406 yulectl_prg=
1407 sh_main_prg="samhain"
1408dnl AC_CHECK_HEADER(sys/capability.h,
1409dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1410dnl [sh_use_lcaps="no"])
1411 ],
1412)
1413AC_SUBST(setpwd_prg)
1414AC_SUBST(yulectl_prg)
1415AC_SUBST(sh_main_prg)
1416AC_SUBST(mytclient)
1417
1418# needed for the rpm spec
1419clmytclient=`echo ${mytclient} | sed s%\-%%`
1420AC_SUBST(clmytclient)
1421
1422AC_ARG_ENABLE(udp,
1423 [ --enable-udp server can listen on port 514/udp [[no]]],
1424 [
1425 if test "x${enable_udp}" = xyes; then
1426 AC_DEFINE(INET_SYSLOG)
1427 fi
1428 ]
1429)
1430
1431myencrypt=yes
1432AC_ARG_ENABLE(encrypt,
1433 [ --disable-encrypt disable client/server encryption],
1434 [
1435 if test "x${enable_encrypt}" = xno; then
1436 myencrypt=no
1437 elif test "x${enable_encrypt}" = "x1"; then
1438 myencrypt=1
1439 fi
1440 ]
1441)
1442if test "x${myencrypt}" = "xyes"; then
1443 AC_DEFINE(SH_ENCRYPT)
1444 AC_DEFINE(SH_ENCRYPT_2)
1445elif test "x${myencrypt}" = "x1"; then
1446 AC_DEFINE(SH_ENCRYPT)
1447fi
1448
1449sh_use_srp_proto=yes
1450AC_ARG_ENABLE(srp,
1451 [ --disable-srp disable SRP for authentication],
1452 [
1453 if test "x${enable_srp}" = xno; then
1454 sh_use_srp_proto=no
1455 fi
1456 ]
1457)
1458if test "x${sh_use_srp_proto}" = xyes; then
1459 AC_DEFINE(USE_SRP_PROTOCOL)
1460fi
1461
1462AC_ARG_WITH(port,
1463 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1464 [
1465 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1466 AC_MSG_ERROR([--with-port: PORT must be numeric])
1467 myport=${withval}
1468 ],
1469 [myport="49777"])
1470AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1471AC_SUBST(myport)
1472
1473AC_ARG_WITH(logserver,
1474 [ --with-logserver=HOST set host address for log server [[none]]],
1475 [
1476 case "$withval" in
1477 *.* | localhost)
1478 mylogsrv="$withval"
1479 ;;
1480 *)
1481 mylogsrv="$withval"
1482 ;;
1483 esac
1484 ],
1485 [mylogsrv="NULL"])
1486AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1487AC_SUBST(mylogsrv)
1488
1489AC_ARG_WITH(altlogserver,
1490 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1491 [
1492 case "$withval" in
1493 *.* | localhost)
1494 myaltlogsrv="$withval"
1495 ;;
1496 *)
1497 myaltlogsrv="$withval"
1498 ;;
1499 esac
1500 ],
1501 [myaltlogsrv="NULL"])
1502AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1503
1504
1505
1506dnl
1507dnl STEALTH OPTIONS
1508dnl
1509nocl_code=
1510xor_code=0
1511AC_ARG_ENABLE(nocl,
1512 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1513 [
1514 if test "x${enableval}" != "x"; then
1515 AC_DEFINE(SH_STEALTH_NOCL)
1516 fi
1517 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1518 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1519 fi
1520 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1521 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1522 fi
1523 if test "x${enableval}" = "xstatus"; then
1524 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1525 fi
1526 if test "x${enableval}" = "xno"; then
1527 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1528 fi
1529 nocl_code="${enable_nocl}"
1530 ]
1531)
1532AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1533AC_SUBST(nocl_code)
1534AC_ARG_ENABLE(stealth,
1535 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1536 [AC_DEFINE(SH_STEALTH)
1537 if test "x${enableval}" != "xyes"; then
1538 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1539 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1540 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1541 if test x"${enableval}" = x0
1542 then
1543 :
1544 else
1545 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1546 fi
1547 fi
1548 xor_code="${enable_stealth}"
1549 else
1550 xor_code=0
1551 fi
1552 stegin_prg="samhain_stealth"
1553 ],
1554 [
1555 stegin_prg=
1556 ]
1557)
1558AC_ARG_ENABLE(micro-stealth,
1559 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1560 [
1561 AC_DEFINE(SH_STEALTH)
1562 AC_DEFINE(SH_STEALTH_MICRO)
1563 if test "x${enableval}" != "xyes"; then
1564 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1565 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1566 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1567 if test x"${enableval}" = x0
1568 then
1569 :
1570 else
1571 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1572 fi
1573 fi
1574 xor_code="${enable_micro_stealth}"
1575 else
1576 xor_code=0
1577 fi
1578 ]
1579)
1580install_name="samhain"
1581INSTALL_NAME="SAMHAIN"
1582AC_ARG_ENABLE(install-name,
1583 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1584 [
1585 if test "x${enableval}" != "xyes"; then
1586 install_name="${enableval}"
1587 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1588 else
1589 install_name="${sh_main_prg}"
1590 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1591 fi
1592 ],
1593 [
1594 install_name="${sh_main_prg}"
1595 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1596 ]
1597)
1598
1599
1600need_user_install=0
1601
1602AC_ARG_ENABLE(identity,
1603 [ --enable-identity=USER user if dropping root [[daemon]]],
1604 [
1605 if test x"$enableval" = xno; then
1606 myident="daemon"
1607 else
1608 myident="$enableval"
1609 fi
1610 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1611 AC_MSG_ERROR([--enable-identity: need username, not UID])
1612 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1613 grep "^${myident}:" | awk -F: '{ print $3; }'`
1614 if test x"${myident_uid}" = x; then
1615 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1616 need_user_install=1
1617 fi
1618 ],
1619 [
1620 for myident in ${install_name} daemon nobody; do
1621 AC_MSG_CHECKING(for user ${myident})
1622 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1623 grep "^${myident}:" | awk -F: '{ print $3; }'`
1624 if test x"${myident_uid}" != x; then
1625 AC_MSG_RESULT(yes)
1626 break;
1627 else
1628 AC_MSG_RESULT(no)
1629 fi
1630 done
1631 if test x"${myident_uid}" = x; then
1632 myident=${install_name}
1633 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1634 need_user_install=1
1635 fi
1636 ])
1637AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1638AC_SUBST(myident)
1639AC_SUBST(need_user_install)
1640
1641sh_insmod_cmd=": # no kernel module"
1642sh_lkm=""
1643lkm_inc=""
1644khidemap="/boot/System.map"
1645sh_syscalltable="0x0"
1646AC_ARG_ENABLE(khide,
1647 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1648 [
1649 if test "x${enable_khide}" != xno; then
1650 if test "x${enableval}" != "xyes"; then
1651 khidemap="${enableval}"
1652 fi
1653 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
1654 if test x"$sh_syscalltable" = x; then
1655 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1656 fi
1657 sh_syscalltable="0x${sh_syscalltable}"
1658 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1659 if test "${install_name_len}" -gt 15 ; then
1660 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1661 fi
1662 AC_DEFINE(SH_USE_LKM)
1663 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1664
1665 # -- NEW --
1666 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1667 if test x"$kernel_version" = xLINUX26
1668 then
1669 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1670 if test x"$sh_modlist_lock" = x; then
1671 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1672 fi
1673 sh_modlist_lock="0x${sh_modlist_lock}"
1674 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1675
1676 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1677 if test x"$sh_list_modules" = x; then
1678 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1679 fi
1680 sh_list_modules="0x${sh_list_modules}"
1681 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1682
1683 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1684 sh_insmod_cmd="modprobe ${install_name}_hide"
1685 sh_lkm="samhain_hide.ko"
1686 else
1687 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1688 sh_lkm="samhain_hide.o samhain_erase.o"
1689 fi
1690 # -- END NEW --
1691
1692 kvers=`uname -r`
1693 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1694 lkm_inc="-I/lib/modules/${kvers}/build/include"
1695 else
1696 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1697 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1698 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1699 fi
1700 sh_is_vanilla_kernel=yes
1701 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1702 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1703 fi
1704 if test x"${sh_is_vanilla_kernel}" = xno; then
1705 echo "This is not a 2.4 vanilla kernel"
1706 else
1707 AC_DEFINE(SH_VANILLA_KERNEL)
1708 fi
1709 fi
1710 ]
1711)
1712AC_SUBST(lkm_inc)
1713AC_SUBST(sh_lkm)
1714AC_SUBST(sh_insmod_cmd)
1715AC_SUBST(install_name)
1716AC_SUBST(INSTALL_NAME)
1717AC_SUBST(stegin_prg)
1718AC_SUBST(xor_code)
1719
1720AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1721AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1722
1723
1724exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1725exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1726exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1727
1728AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1729AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1730AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1731
1732
1733AC_ARG_ENABLE(suidcheck,
1734 [ --enable-suidcheck check for suid/sgid files [[no]]],
1735 [
1736 if test "x${enableval}" = "xyes"; then
1737 AC_DEFINE(SH_USE_SUIDCHK)
1738 fi
1739 ]
1740)
1741
1742
1743systemmap="/boot/System.map"
1744sh_libkvm=""
1745AC_ARG_WITH(kcheck,
1746 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1747 [
1748 if test "x${withval}" != "xno"; then
1749 AC_DEFINE(SH_USE_KERN)
1750 kernelversion=`uname -r`
1751 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1752 if test "x${withval}" != "xyes"; then
1753 systemmap="${withval}"
1754 fi
1755 if test "x${cross_compiling}" = xyes; then
1756 :
1757 elif test "x$selectconfig" = "xfreebsd"; then
1758 LIBS="$LIBS -lkvm"
1759 sh_libkvm="-lkvm"
1760 elif test -f "${systemmap}"; then
1761 :
1762 else
1763 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1764 fi
1765 fi
1766 ]
1767)
1768AC_SUBST(systemmap)
1769AC_SUBST(sh_libkvm)
1770
1771AC_ARG_ENABLE(base,
1772 [ --enable-base=B1,B2 base key (0...2147483647)],
1773 [
1774 AC_MSG_CHECKING(base key setting)
1775 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1776 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1777 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1778 if test "x${my_key_A}" = x; then
1779 AC_MSG_ERROR([--enable-base: first base key has zero length])
1780 fi
1781 if test "x${my_key_B}" = x; then
1782 AC_MSG_ERROR([--enable-base: second base key has zero length])
1783 fi
1784 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1785 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1786 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1787 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1788 ],
1789 [
1790 AC_MSG_CHECKING(base key setting .. collecting entropy)
1791 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1792 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1793 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1794 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1795 my_key_A=`expr $my_key_1 \* 32767`
1796 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1797 my_key_A=`expr $my_key_A \+ $my_key_2`
1798 my_key_B=`expr $my_key_3 \* 32767`
1799 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1800 my_key_B=`expr $my_key_B \+ $my_key_4`
1801 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1802 ]
1803 )
1804AC_SUBST(my_key_A)
1805AC_SUBST(my_key_B)
1806
1807dnl low bytes
1808my_key_1=`expr $my_key_A \% 65536`
1809dnl high bytes
1810my_key_2=`expr $my_key_A \/ 65536`
1811dnl low bytes
1812my_key_3=`expr $my_key_B \% 65536`
1813dnl high bytes
1814my_key_4=`expr $my_key_B \/ 65536`
1815
1816dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1817
1818dnl touch ./sh_MK.h
1819dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1820dnl echo "#define SH_MK_H" >> ./sh_MK.h
1821dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1822dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1823dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1824dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1825dnl echo "#endif" >> ./sh_MK.h
1826AC_SUBST(my_key_1)
1827AC_SUBST(my_key_2)
1828AC_SUBST(my_key_3)
1829AC_SUBST(my_key_4)
1830
1831AC_MSG_CHECKING(key position)
1832pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1833pos_tf_2=`expr $pos_tf_1 \% 8`
1834pos_tf=`expr $pos_tf_2 + 1`
1835AC_MSG_RESULT(${pos_tf})
1836AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1837
1838mykeybase=`echo ${my_key_A},${my_key_B}`
1839AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1840AC_SUBST(mykeybase)
1841
1842
1843dnl
1844dnl GPG/PGP options
1845dnl
1846
1847AC_ARG_WITH(gpg,
1848 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1849 [
1850 if test "x${withval}" != "xno"; then
1851 if test "x${cross_compiling}" = xyes; then
1852 mygpg="${withval}"
1853 else
1854 if test -f "${withval}"; then
1855 mygpg="${withval}"
1856 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1857 if test "x$?" != "x0"; then
1858 mychktest=no
1859 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1860 if test x"${mychktest}" = xyes
1861 then
1862 :
1863 else
1864 if test -f ${sampre}
1865 then
1866 echo "use existing ${sampre} for gpg checksum"
1867 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1868 if test "x$?" != "x0"; then
1869 :
1870 else
1871 mychk="${mychk0}"
1872 mychktest=yes
1873 fi
1874 fi
1875 fi
1876 done
1877 if test x${mychktest} = xno; then
1878 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1879 echo "-------------------------------------------------------------"
1880 echo " Your gpg binary does not support the TIGER192 checksum, "
1881 echo " and I cannot find an existing samhain binary to use instead."
1882 echo " You can:"
1883 echo " (a) run make to compile a samhain binary, then repeat"
1884 echo " ./configure and make"
1885 echo " (b) ignore the failure. The checksum of the gpg binary"
1886 echo " will not get compiled in, thus allowing an attacker"
1887 echo " to replace gpg with a trojan and subverting the gpg"
1888 echo " signature verification of configure and database files."
1889 echo "-------------------------------------------------------------"
1890 fi
1891 else
1892 mychk="${mychk0}"
1893 fi
1894 else
1895 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1896 fi
1897 fi
1898 AC_DEFINE(WITH_GPG)
1899 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1900 AC_SUBST(mygpg)
1901 fi
1902 ]
1903)
1904
1905dnl AC_ARG_WITH(pgp,
1906dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1907dnl [myppg="$withval"
1908dnl AC_DEFINE(WITH_PGP)
1909dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1910dnl ])
1911
1912AC_ARG_WITH(checksum,
1913 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1914 [
1915 if test "x${withval}" != "xno"; then
1916 if test "x${withval}" != "xyes"; then
1917 if test "x${mychk}" != "x"; then
1918 if test "x${mychk}" != "x${withval}"; then
1919 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1920 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1921 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1922 fi
1923 fi
1924 mychk="${withval}"
1925 else
1926 if test "x${mychk}" = "x"; then
1927 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1928 fi
1929 fi
1930 AC_DEFINE(HAVE_GPG_CHECKSUM)
1931 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1932 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1933 fi
1934 ],
1935 [
1936 if test "x${mygpg}" != "x"; then
1937 if test "x${mychk}" != "x"; then
1938 AC_DEFINE(HAVE_GPG_CHECKSUM)
1939 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1940 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1941 fi
1942 fi
1943 ]
1944)
1945
1946AC_ARG_WITH(fp,
1947 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1948 [
1949 if test "x${withval}" != "xno"; then
1950 if test "x${withval}" != "xyes"; then
1951 withval0=`echo ${withval} | sed 's% %%g'`
1952 echo "${withval0}" | \
1953 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1954 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1955 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1956 sh_len0=`expr ${sh_len} \- 1`
1957 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1958 then
1959 myfp="${withval0}"
1960 AC_DEFINE(USE_FINGERPRINT)
1961 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1962 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1963 else
1964 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1965 fi
1966 else
1967 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1968 fi
1969 fi
1970 ])
1971
1972
1973dnl
1974dnl MAIL OPTIONS
1975dnl
1976
1977AC_ARG_WITH(recipient,
1978 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1979 [
1980 withval0=`echo ${withval} | sed 's%,% %g'`
1981 for sh_item in ${withval0}
1982 do
1983 case ${sh_item} in
1984 *@localhost)
1985 ;;
1986 *@*.*)
1987 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
1988 if test "x${sh_tmp}" != "x1"
1989 then
1990 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1991 fi
1992 ;;
1993 *)
1994 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1995 ;;
1996 esac
1997 done
1998 myrcp="$withval0"
1999 ],
2000 [myrcp="NULL"])
2001AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2002
2003
2004AC_ARG_WITH(sender,
2005 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2006 [
2007 mysender="${withval}"
2008 ],
2009 [
2010 mysender="daemon"
2011 ])
2012AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2013
2014
2015dnl
2016dnl PATHS
2017dnl
2018
2019AC_ARG_WITH(trusted,
2020 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2021 [
2022 sh_tmp_test=no
2023 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2024 for sh_tmp1 in ${sh_tmp}
2025 do
2026 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2027 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2028 if test "x${sh_tmp1}" = "x0"
2029 then
2030 sh_tmp_test=yes
2031 fi
2032 done
2033 if test "x${sh_tmp_test}" = "xno"
2034 then
2035 withval="0,${withval}"
2036 fi
2037 mytrust="${withval}"
2038 ],
2039 [mytrust="0"] )
2040AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2041AC_SUBST(mytrust)
2042
2043AC_ARG_WITH(tmp-dir,
2044 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2045 [
2046 if test "x${cross_compiling}" = xyes; then
2047 :
2048 else
2049 if test -d "${withval}"; then
2050 my_tmp_dir="$withval"
2051 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2052 else
2053 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2054 fi
2055 fi
2056 ]
2057)
2058
2059dnl
2060dnl PATH DEFAULTS
2061dnl
2062
2063if test "x${ac_prefix_set}" = xyes
2064then
2065 if test "x${exec_prefix}" = xNONE
2066 then
2067 exec_prefix="${prefix}"
2068 fi
2069
2070 if test "x${prefix}" = xOPT
2071 then
2072 tmp_sbindir="/opt/${install_name}/bin"
2073 tmp_sysconfdir="/etc/opt"
2074 tmp_mandir="/opt/${install_name}/man"
2075 tmp_localstatedir="/var/opt/${install_name}"
2076 elif test "x${prefix}" = xUSR
2077 then
2078 tmp_sbindir="/usr/sbin"
2079 tmp_sysconfdir="/etc"
2080 tmp_mandir="/usr/share/man"
2081 tmp_localstatedir="/var"
2082 else
2083 tmp_sbindir=`eval echo ${sbindir}`
2084 tmp_sysconfdir=`eval echo ${sysconfdir}`
2085 tmp_mandir=`eval echo ${mandir}`
2086 tmp_localstatedir=`eval echo ${localstatedir}`
2087 fi
2088else
2089 prefix=""
2090 if test "x${ac_exec_prefix_set}" = xyes
2091 then
2092 tmp_sbindir=`eval echo ${sbindir}`
2093 else
2094 tmp_sbindir="/usr/local/sbin"
2095 fi
2096 tmp_sysconfdir="/etc"
2097 # share/man -> man (FHS) 11.10.2002
2098 tmp_mandir="/usr/local/man"
2099 tmp_localstatedir="/var"
2100fi
2101
2102
2103if test "x${ac_sbindir_set}" = xyes
2104then
2105 :
2106else
2107 sbindir=`eval echo ${tmp_sbindir}`
2108fi
2109
2110
2111if test "x${ac_sysconfdir_set}" = xyes
2112then
2113 :
2114else
2115 sysconfdir=`eval echo ${tmp_sysconfdir}`
2116fi
2117
2118if test "x${ac_mandir_set}" = xyes
2119then
2120 :
2121else
2122 mandir=`eval echo ${tmp_mandir}`
2123fi
2124
2125if test "x${ac_localstatedir_set}" = xyes
2126then
2127 :
2128else
2129 localstatedir=`eval echo ${tmp_localstatedir}`
2130fi
2131
2132
2133
2134AC_ARG_WITH(config-file,
2135 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2136 [
2137 myconffile="${withval}"
2138 changequote(<<, >>)dnl
2139 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2140 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2141 myrpmconffile="${tmp}"
2142 changequote([, ])dnl
2143 ],
2144 [
2145 myconffile="${sysconfdir}/${install_name}rc"
2146 myrpmconffile="${myconffile}"
2147 ]
2148)
2149AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2150AC_SUBST(myconffile)
2151AC_SUBST(myrpmconffile)
2152
2153AC_ARG_WITH(log-file,
2154 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2155 [
2156 mylogfile="$withval"
2157 changequote(<<, >>)dnl
2158 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2159 changequote([, ])dnl
2160 ],
2161 [
2162 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2163 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2164 mylogdir="${localstatedir}/log/${install_name}"
2165 else
2166 mylogfile="${localstatedir}/log/${install_name}_log"
2167 mylogdir="${localstatedir}/log"
2168 fi
2169 ]
2170)
2171AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2172AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2173AC_SUBST(mylogfile)
2174AC_SUBST(mylogdir)
2175
2176AC_ARG_WITH(pid-file,
2177 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2178 [
2179 mylockfile="$withval"
2180 changequote(<<, >>)dnl
2181 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2182 changequote([, ])dnl
2183 ],
2184 [
2185 mylockfile="${localstatedir}/run/${install_name}.pid"
2186 mylockdir="${localstatedir}/run"
2187 ]
2188)
2189AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2190AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2191AC_SUBST(mylockfile)
2192AC_SUBST(mylockdir)
2193
2194AC_ARG_WITH(state-dir,
2195 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2196 [
2197 mydataroot="$withval"
2198 ],
2199 [
2200 mydataroot="${localstatedir}/lib/${install_name}"
2201 ]
2202 )
2203AC_ARG_WITH(data-file,
2204 [ --with-data-file=FILE set path of data file],
2205 [
2206 mydatafile="$withval"
2207 changequote(<<, >>)dnl
2208 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2209 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2210 myrpmdatafile="${tmp}"
2211 changequote([, ])dnl
2212 if test x"${tmp}" = x
2213 then
2214 echo "No local path in data file ${withval}"
2215 echo "This will not work for initializing the database."
2216 if test x"${withval}" = xREQ_FROM_SERVER
2217 then
2218 echo "It should be REQ_FROM_SERVER/some/local/path"
2219 fi
2220 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2221 fi
2222 ],
2223 [
2224 mydatafile="${mydataroot}/${install_name}_file"
2225 myrpmdatafile="${mydatafile}"
2226 ])
2227AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2228AC_SUBST(mydatafile)
2229AC_SUBST(myrpmdatafile)
2230
2231AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2232AC_SUBST(mydataroot)
2233
2234AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2235AC_SUBST(myqdir)
2236
2237
2238AC_ARG_WITH(html-file,
2239 [ --with-html-file=FILE set path of html file,],
2240 [
2241 myhtmlfile="$withval"
2242 ],
2243 [
2244 myhtmlfile="${mylogdir}/${install_name}.html"
2245 ])
2246AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2247AC_SUBST(myhtmlfile)
2248
2249
2250mydefargs=$ac_configure_args
2251# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2252# then
2253# mydefargs="--enable-static $mydefargs"
2254# fi
2255if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2256then
2257 mydefargs="--enable-base=${mykeybase} $mydefargs"
2258fi
2259AC_SUBST(mydefargs)
2260
2261
2262AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2263AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2264AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2265
2266AC_CONFIG_HEADER(config.h)
2267
2268AC_OUTPUT(
2269[
2270Makefile
2271samhain-install.sh
2272init/samhain.startLSB
2273init/samhain.startLinux
2274init/samhain.startGentoo
2275init/samhain.startFreeBSD
2276init/samhain.startSolaris
2277init/samhain.startHPUX
2278init/samhain.startIRIX
2279samhain.spec
2280rules.deb
2281rules.deb-light
2282hp_ux.psf
2283scripts/samhain.spec
2284scripts/redhat_i386.client.spec
2285scripts/samhain.ebuild
2286scripts/samhain.ebuild-light
2287scripts/samhainadmin.pl
2288scripts/check_samhain.pl
2289deploy.sh
2290],
2291[
2292echo timestamp > stamp-h
2293chmod +x samhain-install.sh
2294chmod +x scripts/samhainadmin.pl
2295chmod +x scripts/check_samhain.pl
2296]
2297)
2298
2299chmod +x deploy.sh
2300
2301if test "x${cross_compiling}" = xyes
2302then
2303
2304echo "--------------------------------------------------------------"
2305echo
2306echo "You are using a cross-compiler. The following system dependent"
2307echo "values may have been set to default values that may be"
2308echo "incorrect for your target system: "
2309echo
2310echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2311echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2312echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2313echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2314echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2315echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2316echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2317echo
2318echo "If these values are incorrect, change them in the file "
2319echo "config.cache and run configure again."
2320echo
2321echo "--------------------------------------------------------------"
2322
2323fi
2324
2325if test x${silent} != xyes
2326then
2327
2328 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2329 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2330 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2331 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2332 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2333 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2334
2335 echo
2336 echo " samhain has been configured as follows:"
2337 echo " System binaries: ${sbindir}"
2338 echo " Configuration file: ${myconffile}"
2339 echo " Manual pages: ${mandir}"
2340 echo " Data: ${mydataroot}"
2341 echo " PID file: ${mylockfile}"
2342 echo " Log file: ${mylogfile}"
2343 echo " Base key: ${mykeybase}"
2344 echo
2345 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2346 then
2347 echo " Selected rc file: yulerc"
2348 else
2349 echo " Selected rc file: samhainrc.${selectconfig}"
2350 fi
2351
2352fi
2353
Note: See TracBrowser for help on using the repository browser.