source: trunk/configure.ac@ 18

Last change on this file since 18 was 18, checked in by rainer, 19 years ago

Optimized version of tiger algorithm, and basic ingredients for unit testing (part 2)
File size: 64.2 KB
Line 
1dnl We want to override the standard AC_INIT_PARSE_ARGS,
2dnl which requires replacing AC_INIT() with its expanded
3dnl content.
4dnl
5dnl include own macros
6dnl
7sinclude(acsite.m4)dnl
8sinclude(./aclocal.m4)dnl
9
10dnl
11dnl AC_INIT(samhain.c)
12dnl
13# Forbidden tokens and exceptions.
14m4_pattern_forbid([^_?A[CHUM]_])
15m4_pattern_forbid([_AC_])
16m4_pattern_forbid([^LIBOBJS$],
17 [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs. LIBOBJS'])
18# Actually reserved by M4sh.
19m4_pattern_allow([^AS_FLAGS$])
20AS_INIT
21dnl m4_ifval([$2], [_AC_INIT_PACKAGE($@)])
22_AC_INIT_DEFAULTS
23SH_INIT_PARSE_ARGS
24_AC_INIT_SRCDIR
25SH_INIT_HELP
26_AC_INIT_VERSION
27_AC_INIT_CONFIG_LOG
28_AC_INIT_PREPARE
29_AC_INIT_NOTICE
30_AC_INIT_COPYRIGHT
31m4_ifval([$2], , [m4_ifval([$1], [AC_CONFIG_SRCDIR([$1])])])dnl
32
33AC_ARG_VAR([LIBS],
34 [libraries to link against, e.g. -lintl])
35
36dnl
37dnl start
38dnl
39AM_INIT_AUTOMAKE(samhain, 2.2.0rc1)
40AC_CANONICAL_HOST
41
42dnl
43dnl checks for programs
44dnl
45
46AC_PROG_CC
47AC_PROG_CPP
48AC_PROG_INSTALL
49AC_PROG_LN_S
50AC_PROG_AWK
51AC_PATH_PROG(cmd_hostname,hostname)
52AC_SUBST(cmd_hostname)
53
54GCC_STACK_PROTECT_CC
55
56AC_HEADER_STDC
57dnl
58dnl first one is a dummy because of an autoconf bug
59dnl (no HAVE_... for first one)
60dnl
61AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
62
63
64AC_MSG_CHECKING([for host-specific issues])
65mydebugflag=no
66myneedg3=no
67uid_cast="signed long"
68selectconfig=linux
69mynetbsd=no
70sh_use_lcaps="undef"
71
72case "$host_os" in
73
74 *linux*)
75 sh_use_lcaps="yes"
76 AC_DEFINE(HOST_IS_LINUX)
77 AC_DEFINE(HAVE_EXT2_IOCTLS)
78 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
79 case "$host_cpu" in
80 i*86*)
81 AC_DEFINE(HOST_IS_I86LINUX)
82 ;;
83 *)
84 ;;
85 esac
86 ;;
87
88 *osf*)
89 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
90 if test "x$GCC" != "xyes"; then
91 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
92 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
93 myneedg3=yes
94 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
95 else
96 AC_MSG_RESULT(none)
97 fi
98 ;;
99
100 *cygwin*)
101 AC_DEFINE(HOST_IS_CYGWIN)
102 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
103 ;;
104
105 *darwin*)
106 AC_DEFINE(HOST_IS_DARWIN)
107 AC_MSG_RESULT(DARWIN check resource forks)
108 ;;
109
110 *freebsd*)
111 AC_DEFINE(HOST_IS_FREEBSD)
112 selectconfig=freebsd
113 AC_MSG_RESULT(none)
114 ;;
115
116 *openbsd*)
117 selectconfig=freebsd
118 AC_MSG_RESULT(none)
119 ;;
120
121 *netbsd*)
122 mynetbsd=yes
123 AC_MSG_RESULT(NETBSD bug with libresolve)
124 ;;
125
126 *solaris*)
127 selectconfig=solaris
128 AC_DEFINE(HOST_IS_SOLARIS)
129 case "$host_cpu" in
130 i*86)
131 AC_DEFINE(HOST_IS_I86SOLARIS)
132 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
133 ;;
134 *)
135 AC_MSG_RESULT(none)
136 ;;
137 esac
138 if test "x$GCC" != "xyes"; then
139 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
140 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
141 fi
142 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
143 CFLAGS="$CFLAGS -xO2"
144 fi
145 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
146 CFLAGS="$CFLAGS -Xa"
147 fi
148 LIBS="-lc $LIBS"
149 fi
150 ;;
151
152
153 *sun*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 AC_MSG_RESULT(none)
157 ;;
158
159 *aix*)
160 AC_DEFINE(HOST_IS_AIX)
161 selectconfig=aix5.2.0
162 uid_cast="unsigned long"
163 if test "x$GCC" != "xyes"; then
164 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
165 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
166 fi
167 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
168 CFLAGS="$CFLAGS -O3"
169 fi
170 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
171 CFLAGS="$CFLAGS -qstrict"
172 fi
173 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
174 else
175 AC_MSG_RESULT(AIX size_t in the accept call)
176 fi
177 ;;
178
179 *hpux*)
180 AC_MSG_RESULT(HPUX has not always h_errno defined)
181 AC_DEFINE(HOST_IS_HPUX)
182 if test "x$GCC" != "xyes"; then
183 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
184 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
185 fi
186 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
187 CFLAGS="$CFLAGS -fast"
188 fi
189 fi
190 ;;
191
192 *ultrix*)
193 AC_MSG_RESULT(ULTRIX getcwd uses popen)
194 AC_DEFINE(HAVE_BROKEN_GETCWD)
195 ;;
196
197 *)
198 AC_MSG_RESULT(none)
199 ;;
200esac
201
202AC_SUBST(selectconfig)
203AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
204
205
206dnl *****************************************
207dnl
208dnl checks for header files
209dnl
210dnl *****************************************
211
212AC_HEADER_DIRENT
213AC_HEADER_MAJOR
214AC_HEADER_TIME
215dnl used in minilzo.c
216AC_HEADER_STAT
217AC_DECL_SYS_SIGLIST
218
219AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
220 sys/vfs.h \
221 sys/select.h sys/socket.h netinet/in.h \
222 regex.h glob.h \
223 linux/ext2_fs.h ext2fs/ext2_fs.h \
224 paths.h arpa/nameser.h arpa/nameser_compat.h,
225 [],
226 [],
227 [#include <sys/types.h>]
228)
229
230
231AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
232if test "x$sh_utmpx" = "xyes"; then
233 if cat "/usr/include/utmpx.h" 2>&5 |
234 egrep "WTMPX_FILE" >/dev/null 2>&1; then
235 AC_DEFINE(HAVE_UTMPX_H)
236 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
237 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
238 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
239 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
240 else
241 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
242 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
243 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
244 fi
245else
246 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
248fi
249
250dnl need to check because AIX 4.2 does not have it
251dnl
252AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
253#ifdef HAVE_SYS_TYPES_H
254#include <sys/types.h>
255#endif
256#ifdef HAVE_SYS_STAT_H
257#include <sys/stat.h>
258#endif
259#ifdef HAVE_SYS_VFS_H
260#include <sys/vfs.h>
261#endif
262#ifdef HAVE_UNISTD_H
263#include <unistd.h>
264#endif
265])
266
267AC_SYS_LARGEFILE
268
269dnl
270dnl check whether _POSIX_SOURCE is required
271dnl
272SAMHAIN_POSIX
273
274
275dnl *****************************************
276dnl
277dnl Checks for library functions.
278dnl
279dnl *****************************************
280AC_FUNC_STRFTIME
281AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
282 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
283 seteuid setreuid setresuid lstat getwd getcwd ptrace \
284 usleep setpriority getpeereid nanosleep \
285 strptime basename sched_yield \
286 inet_aton gethostbyname setutent setrlimit gethostname uname \
287 initgroups getpagesize \
288 ttyname fchmod
289)
290AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
291SL_CHECK_VA_COPY
292AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
293AC_CHECK_MLOCK
294
295AC_MSG_CHECKING(how to get filesystem type)
296fstype=no
297# The order of these tests is important.
298AC_TRY_CPP([#include <sys/statvfs.h>
299#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
300if test $fstype = no; then
301AC_TRY_CPP([#include <sys/statfs.h>
302#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
303fi
304if test $fstype = no; then
305AC_TRY_CPP([#include <sys/statfs.h>
306#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
307fi
308if test $fstype = no; then
309AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
310fi
311if test $fstype = no; then
312AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
313fi
314if test $fstype = no; then
315AC_TRY_CPP([#include <sys/mount.h>
316#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
317fi
318AC_MSG_RESULT($fstype)
319
320sh_libsocket=
321
322dnl Solaris needs -lsocket and -lnsl. Unisys system includes
323dnl gethostbyname in libsocket but needs libnsl for socket.
324AC_CHECK_LIB(nsl, gethostbyname)
325AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
326if test x$ac_need_libsocket = x1; then
327 LIBS="$LIBS -lsocket"
328 sh_libsocket="-lsocket"
329fi
330if test x$ac_try_nsl = x1; then
331 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
332 if test x$ac_need_libnsl = x1
333 then
334 LIBS="$LIBS -lnsl"
335 fi
336fi
337AC_SUBST(sh_libsocket)
338
339AC_CHECK_LIB(socket, res_search, [
340 AC_CHECK_LIB(resolv, dn_skipname)
341 AC_CHECK_LIB(resolv, __dn_skipname)
342 if test x$ac_need_libsocket = x1; then
343 :
344 else
345 LIBS="$LIBS -lsocket"
346 fi
347 ], [
348 AC_CHECK_LIB(resolv, res_search, [
349 LIBS="$LIBS -lresolv"
350 ], [
351 AC_CHECK_LIB(resolv, dn_skipname)
352 AC_CHECK_LIB(resolv, __dn_skipname)
353 ])
354 ])
355
356dnl arguments for accept
357
358dnl check for Unix98 socklen_t (found on
359dnl xemacs-patches mailing list, written
360dnl by Martin Buchholz)
361dnl
362dnl On Darwin(MacOSX) socklen_t needs to be
363dnl an int (see accept man page), on all other
364dnl unix systems we need a size_t.
365
366AC_MSG_CHECKING(for socklen_t)
367AC_TRY_COMPILE([
368#ifdef HAVE_SYS_TYPES_H
369#include <sys/types.h>
370#endif
371#ifdef HAVE_SYS_SOCKET_H
372#include <sys/socket.h>
373#endif
374 socklen_t x;
375], [],[
376 AC_MSG_RESULT(yes)
377 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
378],[
379 AC_TRY_COMPILE([
380#ifdef HAVE_SYS_TYPES_H
381#include <sys/types.h>
382#endif
383#ifdef HAVE_SYS_SOCKET_H
384#include <sys/socket.h>
385#endif
386 int accept (int, struct sockaddr *, size_t *);
387 ],[],[
388 AC_MSG_RESULT(size_t)
389 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
390 ], [
391 AC_MSG_RESULT(int)
392 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
393 ]
394 )
395])
396
397
398dnl *****************************************
399dnl checks for typedefs
400dnl *****************************************
401
402AC_C_LONG_DOUBLE
403SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
404if test "$sh_HAVE_LONG_LONG" = "yes"; then
405 AC_CHECK_SIZEOF(unsigned long long, 4)
406 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
407 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
408 fi
409fi
410
411AC_CHECK_TYPE(ptrdiff_t, long)
412AC_TYPE_SIZE_T
413AC_CHECK_SIZEOF(char *, 4)
414AC_CHECK_SIZEOF(size_t, 4)
415
416AC_CHECK_SIZEOF(unsigned long, 4)
417AC_CHECK_SIZEOF(unsigned int , 4)
418AC_CHECK_SIZEOF(unsigned short, 2)
419
420
421if test "$ac_cv_sizeof_unsigned_long" = "4"; then
422 AC_DEFINE(HAVE_LONG_32)
423fi
424if test "$ac_cv_sizeof_unsigned_long" = "8"; then
425 AC_DEFINE(HAVE_LONG_64)
426fi
427if test "$ac_cv_sizeof_unsigned_int" = "4"; then
428 AC_DEFINE(HAVE_INT_32)
429fi
430
431dnl
432dnl For Alpha
433dnl
434if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
435 AC_DEFINE(HAVE_INT_32)
436fi
437if test "$ac_cv_sizeof_unsigned_short" = "4"; then
438 AC_DEFINE(HAVE_SHORT_32)
439fi
440
441dnl
442dnl check for 64 bit programming environment
443dnl
444SAMHAIN_64
445
446
447dnl *****************************************
448dnl checks for structures
449dnl *****************************************
450
451AC_STRUCT_TM
452
453dnl
454dnl from e2fsprogs
455dnl
456AC_MSG_CHECKING(whether struct stat has a st_flags field)
457AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
458 AC_TRY_COMPILE([#include <sys/stat.h>],
459 [struct stat stat; stat.st_flags = 0;],
460 [e2fsprogs_cv_struct_st_flags=yes],
461 [e2fsprogs_cv_struct_st_flags=no]))
462AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
463if test "$e2fsprogs_cv_struct_st_flags" = yes; then
464 AC_MSG_CHECKING(whether st_flags field is useful)
465 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
466 AC_TRY_COMPILE([#include <sys/stat.h>],
467 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
468 [e2fsprogs_cv_struct_st_flags_immut=yes],
469 [e2fsprogs_cv_struct_st_flags_immut=no]))
470 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
471 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
472 AC_DEFINE(HAVE_STAT_FLAGS)
473 fi
474fi
475
476dnl
477dnl from dbus
478dnl
479AC_MSG_CHECKING(for struct cmsgcred)
480AC_TRY_COMPILE([
481#include <sys/types.h>
482#include <sys/socket.h>
483],[
484struct cmsgcred cred;
485
486cred.cmcred_pid = 0;
487],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
488AC_MSG_RESULT($sh_have_struct_cmsgcred)
489
490if test x$sh_have_struct_cmsgcred = xyes; then
491 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
492fi
493
494AC_MSG_CHECKING(for struct fcred)
495AC_TRY_COMPILE([
496#include <sys/param.h>
497#include <sys/socket.h>
498#include <sys/ucred.h>
499],[
500struct fcred sockcred;
501],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
502AC_MSG_RESULT($sh_have_struct_fcred)
503
504if test x$sh_have_struct_fcred = xyes; then
505 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
506fi
507
508AC_MSG_CHECKING(for struct sockcred)
509AC_TRY_COMPILE([
510#include <sys/param.h>
511#include <sys/socket.h>
512#include <sys/ucred.h>
513],[
514struct sockcred sockcred;
515],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
516AC_MSG_RESULT($sh_have_struct_sockcred)
517
518if test x$sh_have_struct_sockcred = xyes; then
519 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
520fi
521
522AC_MSG_CHECKING(for SO_PEERCRED)
523AC_TRY_COMPILE([
524#include <sys/types.h>
525#include <sys/socket.h>
526],[
527int test = SO_PEERCRED;
528],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
529AC_MSG_RESULT($sh_have_SO_PEERCRED)
530
531if test x$sh_have_SO_PEERCRED = xyes; then
532 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
533fi
534
535
536dnl *****************************************
537dnl checks for compiler characteristics
538dnl *****************************************
539AC_C_INLINE
540AC_C_CONST
541AC_C_BIGENDIAN
542
543AM_SA_SIGACTION_WORKS
544
545dnl *****************************************
546dnl
547dnl checks for system services
548dnl
549dnl *****************************************
550
551dnl
552dnl check for GNU gmp
553dnl
554AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
555if test "x${sh_have_gmp}" = xno
556then
557 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
558fi
559if test "x${sh_have_gmp}" = xyes
560then
561 # LIBS="-lgmp $LIBS"
562 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
563fi
564AC_CHECK_HEADERS(gmp.h)
565
566
567dnl *****************************************
568dnl
569dnl enable features
570dnl
571dnl *****************************************
572
573AC_ARG_ENABLE(db-reload,
574 [ --enable-db-reload enable database reload on SIGHUP [no]],
575 [
576 if test "x${enable_db_reload}" = xyes; then
577 AC_DEFINE(RELOAD_DATABASE)
578 fi
579 ]
580)
581
582AC_ARG_ENABLE(xml-log,
583 [ --enable-xml-log enable XML logfile format [[no]]],
584 [
585 if test "x${enable_xml_log}" = xyes; then
586 AC_DEFINE(SH_USE_XML)
587 fi
588 ]
589)
590
591
592AC_ARG_ENABLE(mail,
593 [ --disable-mail disable the internal SMTP mailer],
594 [
595 if test "x${enable_mail}" = xno; then
596 :
597 else
598 AC_DEFINE(SH_WITH_MAIL)
599 fi
600 ],
601 [AC_DEFINE(SH_WITH_MAIL)]
602)
603
604AC_ARG_ENABLE(external-scripts,
605 [ --disable-external-scripts disable interface to external scripts],
606 [
607 if test "x${enableval}" = xno; then
608 :
609 else
610 AC_DEFINE(WITH_EXTERNAL)
611 fi
612 ],
613 [AC_DEFINE(WITH_EXTERNAL)]
614)
615
616AC_ARG_ENABLE(message-queue,
617 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
618 [
619 if test "x${enable_message_queue}" = xyes; then
620 AC_DEFINE(WITH_MESSAGE_QUEUE)
621 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
622 elif test "x${enable_message_queue}" != xno; then
623 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
624 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
625 echo "${enableval}" | \
626 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
627 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
628 AC_DEFINE(WITH_MESSAGE_QUEUE)
629 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
630 fi
631 ]
632)
633
634AC_ARG_WITH(cflags,
635 [ --with-cflags additional flags to pass to compiler],
636 [
637 if test "x$withval" != "xno" ; then
638 CFLAGS="$CFLAGS $withval"
639 fi
640 ]
641)
642AC_ARG_WITH(libs,
643 [ --with-libs additional libraries to link with],
644 [
645 if test "x$withval" != "xno" ; then
646 LIBS="$LIBS $withval"
647 fi
648 ]
649)
650
651
652#
653# this is from ssh
654#
655AC_MSG_CHECKING(whether to use libwrap)
656LIBWRAP_LIB=""
657LIBWRAP_INC=""
658AC_ARG_WITH(libwrap,
659[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
660[ AC_MSG_RESULT($withval)
661 case "$withval" in
662 no)
663 ;;
664 ""|yes)
665 LIBWRAP_LIB="-lwrap"
666 ;;
667 *)
668 if test -d "$withval"; then
669 LIBWRAP_LIB="-L$withval -lwrap"
670 changequote(<<, >>)dnl
671 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
672 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
673 changequote([, ])dnl
674 else
675 LIBWRAP_LIB="-lwrap"
676 changequote(<<, >>)dnl
677 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
678 LIBWRAP_INC="-I${sh_libwrap_inc}"
679 changequote([, ])dnl
680 fi
681 ;;
682 esac
683 if test -n "$LIBWRAP_LIB"; then
684 # OLDLIBS="$LIBS"
685 LIBS="$LIBWRAP_LIB $LIBS"
686 # OLDCFLAGS="$CFLAGS"
687 CFLAGS="$CFLAGS $LIBWRAP_INC"
688 AC_CHECK_HEADER(tcpd.h,
689 [],
690 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
691 AC_TRY_LINK([ #include <tcpd.h>
692 int allow_severity; int deny_severity; ],
693 [ hosts_access((struct request_info *) 0); ],
694 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
695 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
696 fi ],
697 AC_MSG_RESULT(no)
698)
699
700
701#
702# this is from the snort configure.in
703#
704AC_DEFUN(FAIL_MESSAGE,[
705 echo
706 echo
707 echo "**********************************************"
708 echo " ERROR: unable to find" $1
709 echo " checked in the following places"
710 for i in `echo $2`; do
711 echo " $i"
712 done
713 echo "**********************************************"
714 echo
715 exit
716])
717
718AC_ARG_WITH(libprelude-prefix,
719 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
720 libprelude_config_prefix="$withval", libprelude_config_prefix="")
721
722AC_MSG_CHECKING(whether to use prelude)
723AC_ARG_WITH(prelude,
724 [ --with-prelude Prelude IDS support [[no]]],
725 [
726 if test "x${withval}" = "xno"; then
727 AC_MSG_RESULT(no)
728 else
729 AC_MSG_RESULT(yes)
730 if test x$libprelude_config_prefix != x ; then
731 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
732 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
733 fi
734 fi
735
736 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
737 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
738 HAVE_PRELUDE_CONFIG=no
739 else
740 HAVE_PRELUDE_CONFIG=yes
741 fi
742dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
743 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
744 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
745 case "$sh_libprelude_version" in
746 0.8*)
747 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
748 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
749 LIBS="$LIBS ${sh_prelude_libs}"
750 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
751 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
752 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
753 ;;
754 *)
755 AM_PATH_LIBPRELUDE([0.9.0],
756 [
757 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
758 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
759 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
760 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
761 LIBS="$LIBS $LIBPRELUDE_LIBS"
762 ],
763 [
764 AC_MSG_ERROR([Could not find libprelude.])
765 ])
766 ;;
767 esac
768 else
769 AC_MSG_ERROR([Could not find libprelude.])
770 fi
771 fi
772 ],
773 [
774 AC_MSG_RESULT(no)
775 ]
776)
777
778dnl AC_MSG_CHECKING(whether to use prelude)
779dnl AC_ARG_WITH(prelude,
780dnl [ --with-prelude Prelude IDS support [[no]]],
781dnl [
782dnl if test "x${withval}" = "xno"; then
783dnl AC_MSG_RESULT(no)
784dnl else
785dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
786dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
787dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
788dnl sh_prelude_cflags=`libprelude-config --cflags`
789dnl LIBS="$LIBS ${sh_prelude_libs}"
790dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
791dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
792dnl else
793dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
794dnl fi
795dnl fi
796dnl ],
797dnl AC_MSG_RESULT(no)
798dnl )
799
800AC_ARG_ENABLE(static,
801 [ --enable-static enable static linking (recommended) [[no]]],
802 [
803 if test x$enable_static = xyes; then
804 if test x"$mynetbsd" = xyes
805 then
806 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
807 LIBS="${tmp_LIBS}"
808 fi
809 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
810 if test "x$GCC" = "xyes"; then
811 LDFLAGS="$LDFLAGS -static"
812 else
813 case "$host_os" in
814
815 *aix*)
816 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
817 ;;
818
819 *hpux*)
820 LDFLAGS="$LDFLAGS -Wl,-a,archive"
821 ;;
822
823 *osf*)
824 LDFLAGS="$LDFLAGS -non_shared"
825 ;;
826
827 *irix*)
828 LDFLAGS="$LDFLAGS -non_shared"
829 ;;
830
831 *sco*)
832 LDFLAGS="$LDFLAGS -dn"
833 ;;
834
835 *sun*)
836 LDFLAGS="$LDFLAGS -Bstatic"
837 ;;
838
839 *solaris*)
840 LDFLAGS="$LDFLAGS -Bstatic"
841 ;;
842
843 *)
844 echo "***********************************************"
845 echo "*"
846 echo "* Don't know how to enable static linking"
847 echo "* with your compiler. Please set the environment"
848 echo "* variable LDFLAGS to:"
849 echo "* ${LDFLAGS} + the static linking flag"
850 echo "* and run configure again"
851 echo "*"
852 echo "***********************************************"
853 ;;
854
855 esac
856 fi
857 fi
858 ]
859)
860
861#
862# partly based on the snort configure.in
863#
864AC_ARG_WITH(database,
865 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
866 [
867 if test x"$enable_xml_log" != xyes; then
868 AC_MSG_ERROR([--with-database: --enable-xml-log required])
869 fi
870 if test "x${withval}" = "xmysql"; then
871 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
872 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
873 echo "mysql_config found"
874 sh_mysql_libs="`mysql_config --libs`"
875 # echo ${sh_mysql_libs}
876 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
877 # echo $mysql_libs
878 # save_libs="$LIBS"
879 # LIBS="$LIBS `mysql_config --libs`"
880 # echo $LIBS
881 LIBS="$LIBS ${sh_mysql_libs}"
882 echo $LIBS
883 sh_mysql_cflags="`mysql_config --cflags`"
884 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
885 # CFLAGS="$CFLAGS `mysql_config --cflags`"
886 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
887 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
888 else
889 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
890 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
891
892 for i in $mysql_directory; do
893 if test -r $i/include/mysql/mysql.h; then
894 MYSQL_DIR=$i
895 MYSQL_INC_DIR=$i/include
896 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
897 fi
898 done
899 if test -z "$MYSQL_DIR"; then
900 for i in $mysql_directory; do
901 if test -r $i/include/mysql.h; then
902 MYSQL_DIR=$i
903 MYSQL_INC_DIR=$i/include
904 fi
905 done
906 fi
907
908 if test -z "$MYSQL_DIR"; then
909 tmp=""
910 for i in $mysql_directory; do
911 tmp="$tmp $i/include $i/include/mysql"
912 done
913 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
914 fi
915
916 for i in lib lib/mysql; do
917 str="$MYSQL_DIR/$i/libmysqlclient.*"
918 for j in `echo $str`; do
919 if test -r $j; then
920 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
921 break 2
922 fi
923 done
924 done
925
926 if test -z "$MYSQL_LIB_DIR"; then
927 for ff in $mysql_directory; do
928 for i in lib lib/mysql; do
929 str="$ff/$i/libmysqlclient.*"
930 for j in `echo $str`; do
931 if test -r $j; then
932 MYSQL_LIB_DIR="$ff/$i"
933 break 3
934 fi
935 done
936 done
937 done
938 fi
939
940 if test -z "$MYSQL_LIB_DIR"; then
941 tmp=""
942 for i in $mysql_directory; do
943 tmp="$i/lib $i/lib/mysql"
944 done
945 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
946 fi
947
948 AC_MSG_RESULT(yes)
949 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
950 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
951 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
952 fi
953 AC_DEFINE(WITH_MYSQL)
954 AC_DEFINE(WITH_DATABASE)
955 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
956 AC_MSG_CHECKING(for zlib)
957 if test "$zlib_cv_libz" = "yes"
958 then
959 LIBS="$LIBS -lz -lm"
960 AC_MSG_RESULT(ok)
961 else
962 AC_MSG_RESULT(failed)
963 echo
964 echo " Either the mysql or the zlib library was not found"
965 echo " or was unusable, maybe because an old, incompatible"
966 echo " version is installed on your system, eg compiled from"
967 echo " source long time ago. See config.log for the error"
968 echo " message from the compiler."
969 echo " Please review your installed mysql and zlib libraries"
970 echo " and/or use --with-libs=-L/path/to/libdirectory"
971 echo " where libdirectory is the directory holding libmysql"
972 echo " or libz."
973 if test x"$enable_static" = xyes; then
974 echo " Note that for compiling a static binary, you need"
975 echo " the static libraries, rather than the shared ones."
976 fi
977 echo
978 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
979 fi
980 AC_CHECK_HEADERS(mysql/mysql.h)
981 elif test "x${withval}" = "xpostgresql"; then
982 AC_DEFINE(WITH_POSTGRES)
983 AC_DEFINE(WITH_DATABASE)
984 #
985 PGCONF="no"
986 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
987 OLD_IFS="$IFS"
988 IFS=":"
989 for ff in ${MY_PATH}
990 do
991 if test -f "$ff/pg_config"
992 then
993 PGCONF="$ff/pg_config"
994 fi
995 done
996 IFS="${OLD_IFS}"
997 #
998 #
999 if test "x${PGCONF}" = "xno"
1000 then
1001 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1002 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1003 for i in $pgsql_directory; do
1004 if test -r $i/include/pgsql/libpq-fe.h; then
1005 PGSQL_INC_DIR=$i/include
1006 PGSQL_DIR=$i
1007 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1008 fi
1009 done
1010 if test -z "$PGSQL_DIR"; then
1011 for i in $pgsql_directory; do
1012 if test -r $i/include/libpq-fe.h; then
1013 PGSQL_INC_DIR=$i/include
1014 PGSQL_DIR=$i
1015 fi
1016 done
1017 fi
1018
1019 if test -z "$PGSQL_DIR"; then
1020 tmp=""
1021 for i in $pgsql_directory; do
1022 tmp="$tmp $i/include $i/include/pgsql"
1023 done
1024 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1025 fi
1026
1027 for i in lib lib/pgsql; do
1028 str="$PGSQL_DIR/$i/libpq.*"
1029 for j in `echo $str`; do
1030 if test -r $j; then
1031 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1032 break 2
1033 fi
1034 done
1035 done
1036
1037 if test -z "$PGSQL_LIB_DIR"; then
1038 for ff in $pgsql_directory; do
1039 for i in lib lib/pgsql; do
1040 str="$ff/$i/libpq.*"
1041 for j in `echo $str`; do
1042 if test -r $j; then
1043 PGSQL_LIB_DIR="$ff/$i"
1044 break 3
1045 fi
1046 done
1047 done
1048 done
1049 fi
1050
1051 if test -z "$PGSQL_LIB_DIR"; then
1052 tmp=""
1053 for i in $pgsql_directory; do
1054 tmp="$i/lib $i/lib/pgsql"
1055 done
1056 FAIL_MESSAGE("postgresql library libpq", $tmp)
1057 fi
1058
1059 AC_MSG_RESULT(yes)
1060
1061 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1062 if test x"$enable_static" = xyes; then
1063 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1064 else
1065 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1066 fi
1067 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1068 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1069 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1070 else
1071 pg_lib_dir=`${PGCONF} --libdir`
1072 if test x"$enable_static" = xyes; then
1073 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1074 else
1075 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1076 fi
1077 pg_inc_dir=`${PGCONF} --includedir`
1078 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1079 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1080 fi
1081 elif test "x${withval}" = "xodbc"; then
1082 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1083 odbc_directory="/usr /usr/local"
1084
1085 for i in $odbc_directory; do
1086 if test -r $i/include/sql.h; then
1087 if test -r $i/include/sqlext.h; then
1088 if test -r $i/include/sqltypes.h; then
1089 ODBC_DIR=$i
1090 ODBC_INC_DIR=$i/include
1091 fi
1092 fi
1093 fi
1094 done
1095
1096 if test -z "$ODBC_DIR"; then
1097 tmp=""
1098 for i in $odbc_directory; do
1099 tmp="$tmp $i/include"
1100 done
1101 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1102 fi
1103
1104 str="$ODBC_DIR/lib/libodbc.*"
1105 for j in `echo $str`; do
1106 if test -r $j; then
1107 ODBC_LIB_DIR="$ODBC_DIR/lib"
1108 ODBC_LIB="odbc"
1109 fi
1110 done
1111
1112 if test -z "$ODBC_LIB_DIR"; then
1113 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1114 fi
1115
1116 AC_MSG_RESULT(yes)
1117 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1118 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1119 AC_DEFINE(WITH_ODBC)
1120 AC_DEFINE(WITH_DATABASE)
1121
1122 elif test "x${withval}" = "xoracle"; then
1123 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1124 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1125 for i in $oracle_directory; do
1126 if test -r $i/rdbms/demo/oci.h; then
1127 ORACLE_DIR=$i
1128 fi
1129 done
1130
1131 if test -z "$ORACLE_DIR"; then
1132 tmp=""
1133 for i in $oracle_directory; do
1134 tmp="$tmp $i/rdbms/demo"
1135 done
1136 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1137 else
1138 for i in rdbms/demo rdbms/public network/public; do
1139 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1140 done
1141 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1142 AC_MSG_RESULT(yes)
1143
1144 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1145
1146 ORACLE_LIBS="-lclntsh"
1147 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1148 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1149 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1150 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1151 fi
1152 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1153 fi
1154 AC_DEFINE(WITH_ORACLE)
1155 AC_DEFINE(WITH_DATABASE)
1156
1157 else
1158 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1159 fi
1160 ]
1161)
1162
1163AC_ARG_WITH(console,
1164 [ --with-console=PATH set path to console device [[/dev/console]]],
1165 [
1166 if test "x${withval}" != xno; then
1167 mycons="$withval"
1168 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1169 fi
1170 ])
1171
1172AC_ARG_WITH(altconsole,
1173 [ --with-altconsole=PATH set path to second console device [[none]]],
1174 [
1175 if test "x${withval}" != xno; then
1176 myaltcons="$withval"
1177 else
1178 myaltcons="NULL"
1179 fi
1180 ],
1181 [myaltcons="NULL"])
1182AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1183
1184AC_ARG_WITH(timeserver,
1185 [ --with-timeserver=HOST set host address for time server [[none]]],
1186 [
1187 if test "x${withval}" != xno; then
1188 mytimeserv="$withval"
1189 AC_DEFINE(HAVE_NTIME)
1190 else
1191 mytimeserv="NULL"
1192 fi
1193 ],
1194 mytimeserv="NULL")
1195AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1196
1197AC_ARG_WITH(alttimeserver,
1198 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1199 [
1200 if test "x${withval}" != xno; then
1201 myalttimeserv="$withval"
1202 AC_DEFINE(HAVE_NTIME)
1203 else
1204 myalttimeserv="NULL"
1205 fi
1206 ],
1207 myalttimeserv="NULL")
1208AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1209
1210AC_ARG_ENABLE(login-watch,
1211 [ --enable-login-watch watch for login/logout [[no]]],
1212 [
1213 if test "x${enable_login_watch}" = xyes; then
1214 AC_DEFINE(SH_USE_UTMP)
1215 fi
1216 ]
1217)
1218
1219AC_ARG_ENABLE(mounts-check,
1220 [ --enable-mounts-check check mount options on filesystems [[no]]],
1221 [
1222 if test "x${enable_mounts_check}" = xyes; then
1223 AC_DEFINE(SH_USE_MOUNTS)
1224 fi
1225 ]
1226)
1227
1228AC_ARG_ENABLE(userfiles,
1229 [ --enable-userfiles check for users' config files [[no]]],
1230 [
1231 if test "x${enableval}" = "xyes"; then
1232 AC_DEFINE(SH_USE_USERFILES)
1233 fi
1234 ]
1235)
1236
1237AC_ARG_ENABLE(debug,
1238 [ --enable-debug enable debug options [[no]]],
1239 [
1240 if test "x${enable_debug}" = "xyes"; then
1241 if test "x${mydebugflag}" != "xyes"; then
1242 AC_DEFINE(MEM_DEBUG)
1243 fi
1244 AC_DEFINE(WITH_TPT)
1245 AC_DEFINE(SL_DEBUG)
1246 AC_DEFINE(SL_FAIL_ON_ERROR)
1247 if test "x${myneedg3}" = "xyes"; then
1248 mydebugdef="-g3"
1249 else
1250 mydebugdef="-g"
1251 fi
1252 mydebugit="yes"
1253 fi
1254 ]
1255)
1256AC_SUBST(mydebugdef)
1257
1258AC_ARG_ENABLE(ptrace,
1259 [ --enable-ptrace use anti-debugger options [[no]]],
1260 [
1261 if test "x${enable_ptrace}" = xyes; then
1262 if test "x$mydebugit" != "xyes"; then
1263 AC_DEFINE(SCREW_IT_UP)
1264 fi
1265 fi
1266 ]
1267)
1268
1269dnl
1270if test "x$GCC" = "xyes"; then
1271 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1272 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1273 fi
1274
1275dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1276dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1277dnl fi
1278
1279 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1280 CFLAGS="$CFLAGS -Wall -W "
1281 fi
1282
1283 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1284 then
1285 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1286 then
1287 CFLAGS="$CFLAGS -fno-strength-reduce"
1288 fi
1289 fi
1290
1291 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1292 then
1293 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1294 then
1295 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1296 fi
1297 fi
1298
1299fi
1300
1301AC_MSG_CHECKING([which random module to use])
1302AC_ARG_WITH(rnd,
1303 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1304[use_static_rnd=$withval], [use_static_rnd=default] )
1305
1306if test "$use_static_rnd" = no; then
1307 use_static_rnd=default
1308fi
1309
1310case "$use_static_rnd" in
1311 egd | dev | unix | default )
1312 AC_MSG_RESULT($use_static_rnd)
1313 ;;
1314 * )
1315 AC_MSG_RESULT([invalid argument])
1316 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1317 ;;
1318esac
1319
1320AC_ARG_WITH(egd-socket,
1321 [ --with-egd-socket=NAME EGD socket name],
1322 egd_socket_name="$withval", egd_socket_name="" )
1323AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1324
1325dnl
1326dnl See whether the user wants to disable checking for /dev/random
1327
1328try_dev_random=yes
1329
1330case "$use_static_rnd" in
1331dev | default )
1332 try_dev_random=yes
1333 ;;
1334egd)
1335 AC_DEFINE(HAVE_EGD_RANDOM)
1336 try_dev_random=no
1337 ;;
1338unix)
1339 AC_DEFINE(HAVE_UNIX_RANDOM)
1340 try_dev_random=no
1341 ;;
1342esac
1343
1344
1345if test "x$try_dev_random" = "xyes"; then
1346 AC_MSG_CHECKING(whether /dev/random exists)
1347 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1348 AC_DEFINE(HAVE_URANDOM)
1349 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1350 AC_MSG_RESULT(yes)
1351 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1352 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1353 fi
1354 else
1355 if test -r "/dev/random" && test -c "/dev/random"; then
1356 AC_DEFINE(HAVE_URANDOM)
1357 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1358 AC_MSG_RESULT(yes)
1359 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1360 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1361 fi
1362 else
1363 AC_MSG_RESULT(no)
1364 AC_DEFINE(HAVE_UNIX_RANDOM)
1365 fi
1366 fi
1367fi
1368
1369
1370dnl
1371dnl NETWORK OPTIONS
1372dnl
1373
1374
1375AC_ARG_ENABLE(network,
1376 [ --enable-network=[[client|server]] compile client or server [[no]]],
1377 [
1378 if test "x$enable_network" = xclient; then
1379 mytclient="-DSH_WITH_CLIENT"
1380 yulectl_prg=
1381 setpwd_prg="samhain_setpwd"
1382 sh_main_prg="samhain"
1383 if test "x${sh_have_gmp}" = xyes
1384 then
1385 LIBS="-lgmp $LIBS"
1386 fi
1387dnl AC_CHECK_HEADER(sys/capability.h,
1388dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1389dnl [sh_use_lcaps="no"])
1390 elif test "x$enable_network" = xserver; then
1391 mytclient="-DSH_WITH_SERVER"
1392 yulectl_prg="yulectl"
1393 setpwd_prg="samhain_setpwd"
1394 sh_main_prg="yule"
1395 if test "x${sh_have_gmp}" = xyes
1396 then
1397 LIBS="-lgmp $LIBS"
1398 fi
1399 sh_use_lcaps="undef"
1400 elif test "x$enable_network" = xno; then
1401 mytclient="-DSH_STANDALONE"
1402 yulectl_prg=
1403 setpwd_prg=
1404 sh_main_prg="samhain"
1405dnl AC_CHECK_HEADER(sys/capability.h,
1406dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1407dnl [sh_use_lcaps="no"])
1408 else
1409 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1410 fi
1411 ],
1412 [
1413 mytclient="-DSH_STANDALONE"
1414 setpwd_prg=
1415 yulectl_prg=
1416 sh_main_prg="samhain"
1417dnl AC_CHECK_HEADER(sys/capability.h,
1418dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1419dnl [sh_use_lcaps="no"])
1420 ],
1421)
1422AC_SUBST(setpwd_prg)
1423AC_SUBST(yulectl_prg)
1424AC_SUBST(sh_main_prg)
1425AC_SUBST(mytclient)
1426
1427# needed for the rpm spec
1428clmytclient=`echo ${mytclient} | sed s%\-%%`
1429AC_SUBST(clmytclient)
1430
1431AC_ARG_ENABLE(udp,
1432 [ --enable-udp server can listen on port 514/udp [[no]]],
1433 [
1434 if test "x${enable_udp}" = xyes; then
1435 AC_DEFINE(INET_SYSLOG)
1436 fi
1437 ]
1438)
1439
1440myencrypt=yes
1441AC_ARG_ENABLE(encrypt,
1442 [ --disable-encrypt disable client/server encryption],
1443 [
1444 if test "x${enable_encrypt}" = xno; then
1445 myencrypt=no
1446 elif test "x${enable_encrypt}" = "x1"; then
1447 myencrypt=1
1448 fi
1449 ]
1450)
1451if test "x${myencrypt}" = "xyes"; then
1452 AC_DEFINE(SH_ENCRYPT)
1453 AC_DEFINE(SH_ENCRYPT_2)
1454elif test "x${myencrypt}" = "x1"; then
1455 AC_DEFINE(SH_ENCRYPT)
1456fi
1457
1458sh_use_srp_proto=yes
1459AC_ARG_ENABLE(srp,
1460 [ --disable-srp disable SRP for authentication],
1461 [
1462 if test "x${enable_srp}" = xno; then
1463 sh_use_srp_proto=no
1464 fi
1465 ]
1466)
1467if test "x${sh_use_srp_proto}" = xyes; then
1468 AC_DEFINE(USE_SRP_PROTOCOL)
1469fi
1470
1471AC_ARG_WITH(port,
1472 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1473 [
1474 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1475 AC_MSG_ERROR([--with-port: PORT must be numeric])
1476 myport=${withval}
1477 ],
1478 [myport="49777"])
1479AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1480AC_SUBST(myport)
1481
1482AC_ARG_WITH(logserver,
1483 [ --with-logserver=HOST set host address for log server [[none]]],
1484 [
1485 case "$withval" in
1486 *.* | localhost)
1487 mylogsrv="$withval"
1488 ;;
1489 *)
1490 mylogsrv="$withval"
1491 ;;
1492 esac
1493 ],
1494 [mylogsrv="NULL"])
1495AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1496AC_SUBST(mylogsrv)
1497
1498AC_ARG_WITH(altlogserver,
1499 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1500 [
1501 case "$withval" in
1502 *.* | localhost)
1503 myaltlogsrv="$withval"
1504 ;;
1505 *)
1506 myaltlogsrv="$withval"
1507 ;;
1508 esac
1509 ],
1510 [myaltlogsrv="NULL"])
1511AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1512
1513
1514
1515dnl
1516dnl STEALTH OPTIONS
1517dnl
1518nocl_code=
1519xor_code=0
1520AC_ARG_ENABLE(nocl,
1521 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1522 [
1523 if test "x${enableval}" != "x"; then
1524 AC_DEFINE(SH_STEALTH_NOCL)
1525 fi
1526 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1527 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1528 fi
1529 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1530 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1531 fi
1532 if test "x${enableval}" = "xstatus"; then
1533 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1534 fi
1535 if test "x${enableval}" = "xno"; then
1536 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1537 fi
1538 nocl_code="${enable_nocl}"
1539 ]
1540)
1541AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1542AC_SUBST(nocl_code)
1543AC_ARG_ENABLE(stealth,
1544 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1545 [AC_DEFINE(SH_STEALTH)
1546 if test "x${enableval}" != "xyes"; then
1547 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1548 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1549 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1550 if test x"${enableval}" = x0
1551 then
1552 :
1553 else
1554 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1555 fi
1556 fi
1557 xor_code="${enable_stealth}"
1558 else
1559 xor_code=0
1560 fi
1561 stegin_prg="samhain_stealth"
1562 ],
1563 [
1564 stegin_prg=
1565 ]
1566)
1567AC_ARG_ENABLE(micro-stealth,
1568 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1569 [
1570 AC_DEFINE(SH_STEALTH)
1571 AC_DEFINE(SH_STEALTH_MICRO)
1572 if test "x${enableval}" != "xyes"; then
1573 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1574 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1575 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1576 if test x"${enableval}" = x0
1577 then
1578 :
1579 else
1580 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1581 fi
1582 fi
1583 xor_code="${enable_micro_stealth}"
1584 else
1585 xor_code=0
1586 fi
1587 ]
1588)
1589install_name="samhain"
1590INSTALL_NAME="SAMHAIN"
1591AC_ARG_ENABLE(install-name,
1592 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1593 [
1594 if test "x${enableval}" != "xyes"; then
1595 install_name="${enableval}"
1596 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1597 else
1598 install_name="${sh_main_prg}"
1599 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1600 fi
1601 ],
1602 [
1603 install_name="${sh_main_prg}"
1604 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1605 ]
1606)
1607
1608
1609need_user_install=0
1610
1611AC_ARG_ENABLE(identity,
1612 [ --enable-identity=USER user if dropping root [[daemon]]],
1613 [
1614 if test x"$enableval" = xno; then
1615 myident="daemon"
1616 else
1617 myident="$enableval"
1618 fi
1619 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1620 AC_MSG_ERROR([--enable-identity: need username, not UID])
1621 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1622 grep "^${myident}:" | awk -F: '{ print $3; }'`
1623 if test x"${myident_uid}" = x; then
1624 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1625 need_user_install=1
1626 fi
1627 ],
1628 [
1629 for myident in ${install_name} daemon nobody; do
1630 AC_MSG_CHECKING(for user ${myident})
1631 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1632 grep "^${myident}:" | awk -F: '{ print $3; }'`
1633 if test x"${myident_uid}" != x; then
1634 AC_MSG_RESULT(yes)
1635 break;
1636 else
1637 AC_MSG_RESULT(no)
1638 fi
1639 done
1640 if test x"${myident_uid}" = x; then
1641 myident=${install_name}
1642 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1643 need_user_install=1
1644 fi
1645 ])
1646AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1647AC_SUBST(myident)
1648AC_SUBST(need_user_install)
1649
1650sh_insmod_cmd=": # no kernel module"
1651sh_lkm=""
1652lkm_inc=""
1653khidemap="/boot/System.map"
1654sh_syscalltable="0x0"
1655AC_ARG_ENABLE(khide,
1656 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1657 [
1658 if test "x${enable_khide}" != xno; then
1659 if test "x${enableval}" != "xyes"; then
1660 khidemap="${enableval}"
1661 fi
1662 sh_syscalltable=`grep 'D sys_call_table' ${khidemap} | awk '{print $1}'`
1663 if test x"$sh_syscalltable" = x; then
1664 sh_syscalltable=`grep 'd sys_call_table' ${khidemap} | awk '{print $1}'`
1665 if test x"$sh_syscalltable" = x; then
1666 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1667 fi
1668 fi
1669 sh_syscalltable="0x${sh_syscalltable}"
1670 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1671 if test "${install_name_len}" -gt 15 ; then
1672 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1673 fi
1674 AC_DEFINE(SH_USE_LKM)
1675 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1676
1677 # -- NEW --
1678 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1679 if test x"$kernel_version" = xLINUX26
1680 then
1681 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1682 if test x"$sh_modlist_lock" = x; then
1683 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1684 fi
1685 sh_modlist_lock="0x${sh_modlist_lock}"
1686 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1687
1688 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1689 if test x"$sh_list_modules" = x; then
1690 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1691 fi
1692 sh_list_modules="0x${sh_list_modules}"
1693 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1694
1695 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1696 sh_insmod_cmd="modprobe ${install_name}_hide"
1697 sh_lkm="samhain_hide.ko"
1698 else
1699 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1700 sh_lkm="samhain_hide.o samhain_erase.o"
1701 fi
1702 # -- END NEW --
1703
1704 kvers=`uname -r`
1705 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1706 lkm_inc="-I/lib/modules/${kvers}/build/include"
1707 else
1708 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1709 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1710 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1711 fi
1712 sh_is_vanilla_kernel=yes
1713 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1714 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1715 fi
1716 if test x"${sh_is_vanilla_kernel}" = xno; then
1717 echo "This is not a 2.4 vanilla kernel"
1718 else
1719 AC_DEFINE(SH_VANILLA_KERNEL)
1720 fi
1721 fi
1722 ]
1723)
1724AC_SUBST(lkm_inc)
1725AC_SUBST(sh_lkm)
1726AC_SUBST(sh_insmod_cmd)
1727AC_SUBST(install_name)
1728AC_SUBST(INSTALL_NAME)
1729AC_SUBST(stegin_prg)
1730AC_SUBST(xor_code)
1731
1732AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1733AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1734
1735
1736exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1737exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1738exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1739
1740AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1741AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1742AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1743
1744
1745AC_ARG_ENABLE(suidcheck,
1746 [ --enable-suidcheck check for suid/sgid files [[no]]],
1747 [
1748 if test "x${enableval}" = "xyes"; then
1749 AC_DEFINE(SH_USE_SUIDCHK)
1750 fi
1751 ]
1752)
1753
1754
1755systemmap="/boot/System.map"
1756sh_libkvm=""
1757AC_ARG_WITH(kcheck,
1758 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1759 [
1760 if test "x${withval}" != "xno"; then
1761 AC_DEFINE(SH_USE_KERN)
1762 kernelversion=`uname -r`
1763 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1764 if test "x${withval}" != "xyes"; then
1765 systemmap="${withval}"
1766 fi
1767 if test "x${cross_compiling}" = xyes; then
1768 :
1769 elif test "x$selectconfig" = "xfreebsd"; then
1770 LIBS="$LIBS -lkvm"
1771 sh_libkvm="-lkvm"
1772 elif test -f "${systemmap}"; then
1773 :
1774 else
1775 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1776 fi
1777 fi
1778 ]
1779)
1780AC_SUBST(systemmap)
1781AC_SUBST(sh_libkvm)
1782
1783AC_ARG_ENABLE(base,
1784 [ --enable-base=B1,B2 base key (0...2147483647)],
1785 [
1786 AC_MSG_CHECKING(base key setting)
1787 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1788 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1789 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1790 if test "x${my_key_A}" = x; then
1791 AC_MSG_ERROR([--enable-base: first base key has zero length])
1792 fi
1793 if test "x${my_key_B}" = x; then
1794 AC_MSG_ERROR([--enable-base: second base key has zero length])
1795 fi
1796 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1797 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1798 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1799 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1800 ],
1801 [
1802 AC_MSG_CHECKING(base key setting .. collecting entropy)
1803 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1804 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1805 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1806 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1807 my_key_A=`expr $my_key_1 \* 32767`
1808 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1809 my_key_A=`expr $my_key_A \+ $my_key_2`
1810 my_key_B=`expr $my_key_3 \* 32767`
1811 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1812 my_key_B=`expr $my_key_B \+ $my_key_4`
1813 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1814 ]
1815 )
1816AC_SUBST(my_key_A)
1817AC_SUBST(my_key_B)
1818
1819dnl low bytes
1820my_key_1=`expr $my_key_A \% 65536`
1821dnl high bytes
1822my_key_2=`expr $my_key_A \/ 65536`
1823dnl low bytes
1824my_key_3=`expr $my_key_B \% 65536`
1825dnl high bytes
1826my_key_4=`expr $my_key_B \/ 65536`
1827
1828dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1829
1830dnl touch ./sh_MK.h
1831dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1832dnl echo "#define SH_MK_H" >> ./sh_MK.h
1833dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1834dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1835dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1836dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1837dnl echo "#endif" >> ./sh_MK.h
1838AC_SUBST(my_key_1)
1839AC_SUBST(my_key_2)
1840AC_SUBST(my_key_3)
1841AC_SUBST(my_key_4)
1842
1843AC_MSG_CHECKING(key position)
1844pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1845pos_tf_2=`expr $pos_tf_1 \% 8`
1846pos_tf=`expr $pos_tf_2 + 1`
1847AC_MSG_RESULT(${pos_tf})
1848AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1849
1850mykeybase=`echo ${my_key_A},${my_key_B}`
1851AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1852AC_SUBST(mykeybase)
1853
1854
1855dnl
1856dnl GPG/PGP options
1857dnl
1858
1859AC_ARG_WITH(gpg,
1860 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1861 [
1862 if test "x${withval}" != "xno"; then
1863 if test "x${cross_compiling}" = xyes; then
1864 mygpg="${withval}"
1865 else
1866 if test -f "${withval}"; then
1867 mygpg="${withval}"
1868 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1869 if test "x$?" != "x0"; then
1870 mychktest=no
1871 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1872 if test x"${mychktest}" = xyes
1873 then
1874 :
1875 else
1876 if test -f ${sampre}
1877 then
1878 echo "use existing ${sampre} for gpg checksum"
1879 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1880 if test "x$?" != "x0"; then
1881 :
1882 else
1883 mychk="${mychk0}"
1884 mychktest=yes
1885 fi
1886 fi
1887 fi
1888 done
1889 if test x${mychktest} = xno; then
1890 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1891 echo "-------------------------------------------------------------"
1892 echo " Your gpg binary does not support the TIGER192 checksum, "
1893 echo " and I cannot find an existing samhain binary to use instead."
1894 echo " You can:"
1895 echo " (a) run make to compile a samhain binary, then repeat"
1896 echo " ./configure and make"
1897 echo " (b) ignore the failure. The checksum of the gpg binary"
1898 echo " will not get compiled in, thus allowing an attacker"
1899 echo " to replace gpg with a trojan and subverting the gpg"
1900 echo " signature verification of configure and database files."
1901 echo "-------------------------------------------------------------"
1902 fi
1903 else
1904 mychk="${mychk0}"
1905 fi
1906 else
1907 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1908 fi
1909 fi
1910 AC_DEFINE(WITH_GPG)
1911 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1912 AC_SUBST(mygpg)
1913 fi
1914 ]
1915)
1916
1917dnl AC_ARG_WITH(pgp,
1918dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1919dnl [myppg="$withval"
1920dnl AC_DEFINE(WITH_PGP)
1921dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1922dnl ])
1923
1924AC_ARG_WITH(checksum,
1925 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1926 [
1927 if test "x${withval}" != "xno"; then
1928 if test "x${withval}" != "xyes"; then
1929 if test "x${mychk}" != "x"; then
1930 if test "x${mychk}" != "x${withval}"; then
1931 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1932 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1933 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1934 fi
1935 fi
1936 mychk="${withval}"
1937 else
1938 if test "x${mychk}" = "x"; then
1939 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1940 fi
1941 fi
1942 AC_DEFINE(HAVE_GPG_CHECKSUM)
1943 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1944 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1945 fi
1946 ],
1947 [
1948 if test "x${mygpg}" != "x"; then
1949 if test "x${mychk}" != "x"; then
1950 AC_DEFINE(HAVE_GPG_CHECKSUM)
1951 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1952 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1953 fi
1954 fi
1955 ]
1956)
1957
1958AC_ARG_WITH(fp,
1959 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1960 [
1961 if test "x${withval}" != "xno"; then
1962 if test "x${withval}" != "xyes"; then
1963 withval0=`echo ${withval} | sed 's% %%g'`
1964 echo "${withval0}" | \
1965 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1966 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1967 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1968 sh_len0=`expr ${sh_len} \- 1`
1969 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1970 then
1971 myfp="${withval0}"
1972 AC_DEFINE(USE_FINGERPRINT)
1973 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1974 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1975 else
1976 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1977 fi
1978 else
1979 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1980 fi
1981 fi
1982 ])
1983
1984
1985dnl
1986dnl MAIL OPTIONS
1987dnl
1988
1989AC_ARG_WITH(recipient,
1990 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1991 [
1992 withval0=`echo ${withval} | sed 's%,% %g'`
1993 for sh_item in ${withval0}
1994 do
1995 case ${sh_item} in
1996 *@localhost)
1997 ;;
1998 *@*.*)
1999 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2000 if test "x${sh_tmp}" != "x1"
2001 then
2002 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2003 fi
2004 ;;
2005 *)
2006 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2007 ;;
2008 esac
2009 done
2010 myrcp="$withval0"
2011 ],
2012 [myrcp="NULL"])
2013AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2014
2015
2016AC_ARG_WITH(sender,
2017 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2018 [
2019 mysender="${withval}"
2020 ],
2021 [
2022 mysender="daemon"
2023 ])
2024AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2025
2026
2027dnl
2028dnl PATHS
2029dnl
2030
2031AC_ARG_WITH(trusted,
2032 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2033 [
2034 sh_tmp_test=no
2035 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2036 for sh_tmp1 in ${sh_tmp}
2037 do
2038 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2039 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2040 if test "x${sh_tmp1}" = "x0"
2041 then
2042 sh_tmp_test=yes
2043 fi
2044 done
2045 if test "x${sh_tmp_test}" = "xno"
2046 then
2047 withval="0,${withval}"
2048 fi
2049 mytrust="${withval}"
2050 ],
2051 [mytrust="0"] )
2052AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2053AC_SUBST(mytrust)
2054
2055AC_ARG_WITH(tmp-dir,
2056 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2057 [
2058 if test "x${cross_compiling}" = xyes; then
2059 :
2060 else
2061 if test -d "${withval}"; then
2062 my_tmp_dir="$withval"
2063 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2064 else
2065 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2066 fi
2067 fi
2068 ]
2069)
2070
2071dnl
2072dnl PATH DEFAULTS
2073dnl
2074
2075if test "x${ac_prefix_set}" = xyes
2076then
2077 if test "x${exec_prefix}" = xNONE
2078 then
2079 exec_prefix="${prefix}"
2080 fi
2081
2082 if test "x${prefix}" = xOPT
2083 then
2084 tmp_sbindir="/opt/${install_name}/bin"
2085 tmp_sysconfdir="/etc/opt"
2086 tmp_mandir="/opt/${install_name}/man"
2087 tmp_localstatedir="/var/opt/${install_name}"
2088 elif test "x${prefix}" = xUSR
2089 then
2090 tmp_sbindir="/usr/sbin"
2091 tmp_sysconfdir="/etc"
2092 tmp_mandir="/usr/share/man"
2093 tmp_localstatedir="/var"
2094 else
2095 tmp_sbindir=`eval echo ${sbindir}`
2096 tmp_sysconfdir=`eval echo ${sysconfdir}`
2097 tmp_mandir=`eval echo ${mandir}`
2098 tmp_localstatedir=`eval echo ${localstatedir}`
2099 fi
2100else
2101 prefix=""
2102 if test "x${ac_exec_prefix_set}" = xyes
2103 then
2104 tmp_sbindir=`eval echo ${sbindir}`
2105 else
2106 tmp_sbindir="/usr/local/sbin"
2107 fi
2108 tmp_sysconfdir="/etc"
2109 # share/man -> man (FHS) 11.10.2002
2110 tmp_mandir="/usr/local/man"
2111 tmp_localstatedir="/var"
2112fi
2113
2114
2115if test "x${ac_sbindir_set}" = xyes
2116then
2117 :
2118else
2119 sbindir=`eval echo ${tmp_sbindir}`
2120fi
2121
2122
2123if test "x${ac_sysconfdir_set}" = xyes
2124then
2125 :
2126else
2127 sysconfdir=`eval echo ${tmp_sysconfdir}`
2128fi
2129
2130if test "x${ac_mandir_set}" = xyes
2131then
2132 :
2133else
2134 mandir=`eval echo ${tmp_mandir}`
2135fi
2136
2137if test "x${ac_localstatedir_set}" = xyes
2138then
2139 :
2140else
2141 localstatedir=`eval echo ${tmp_localstatedir}`
2142fi
2143
2144
2145
2146AC_ARG_WITH(config-file,
2147 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2148 [
2149 myconffile="${withval}"
2150 changequote(<<, >>)dnl
2151 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2152 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2153 myrpmconffile="${tmp}"
2154 changequote([, ])dnl
2155 ],
2156 [
2157 myconffile="${sysconfdir}/${install_name}rc"
2158 myrpmconffile="${myconffile}"
2159 ]
2160)
2161AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2162AC_SUBST(myconffile)
2163AC_SUBST(myrpmconffile)
2164
2165AC_ARG_WITH(log-file,
2166 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2167 [
2168 mylogfile="$withval"
2169 changequote(<<, >>)dnl
2170 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2171 changequote([, ])dnl
2172 ],
2173 [
2174 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2175 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2176 mylogdir="${localstatedir}/log/${install_name}"
2177 else
2178 mylogfile="${localstatedir}/log/${install_name}_log"
2179 mylogdir="${localstatedir}/log"
2180 fi
2181 ]
2182)
2183AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2184AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2185AC_SUBST(mylogfile)
2186AC_SUBST(mylogdir)
2187
2188AC_ARG_WITH(pid-file,
2189 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2190 [
2191 mylockfile="$withval"
2192 changequote(<<, >>)dnl
2193 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2194 changequote([, ])dnl
2195 ],
2196 [
2197 mylockfile="${localstatedir}/run/${install_name}.pid"
2198 mylockdir="${localstatedir}/run"
2199 ]
2200)
2201AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2202AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2203AC_SUBST(mylockfile)
2204AC_SUBST(mylockdir)
2205
2206AC_ARG_WITH(state-dir,
2207 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2208 [
2209 mydataroot="$withval"
2210 ],
2211 [
2212 mydataroot="${localstatedir}/lib/${install_name}"
2213 ]
2214 )
2215AC_ARG_WITH(data-file,
2216 [ --with-data-file=FILE set path of data file],
2217 [
2218 mydatafile="$withval"
2219 changequote(<<, >>)dnl
2220 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2221 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2222 myrpmdatafile="${tmp}"
2223 changequote([, ])dnl
2224 if test x"${tmp}" = x
2225 then
2226 echo "No local path in data file ${withval}"
2227 echo "This will not work for initializing the database."
2228 if test x"${withval}" = xREQ_FROM_SERVER
2229 then
2230 echo "It should be REQ_FROM_SERVER/some/local/path"
2231 fi
2232 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2233 fi
2234 ],
2235 [
2236 mydatafile="${mydataroot}/${install_name}_file"
2237 myrpmdatafile="${mydatafile}"
2238 ])
2239AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2240AC_SUBST(mydatafile)
2241AC_SUBST(myrpmdatafile)
2242
2243AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2244AC_SUBST(mydataroot)
2245
2246AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2247AC_SUBST(myqdir)
2248
2249
2250AC_ARG_WITH(html-file,
2251 [ --with-html-file=FILE set path of html file,],
2252 [
2253 myhtmlfile="$withval"
2254 ],
2255 [
2256 myhtmlfile="${mylogdir}/${install_name}.html"
2257 ])
2258AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2259AC_SUBST(myhtmlfile)
2260
2261
2262mydefargs=$ac_configure_args
2263# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2264# then
2265# mydefargs="--enable-static $mydefargs"
2266# fi
2267if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2268then
2269 mydefargs="--enable-base=${mykeybase} $mydefargs"
2270fi
2271AC_SUBST(mydefargs)
2272
2273
2274AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2275AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2276AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2277
2278AC_CONFIG_HEADER(config.h)
2279
2280AC_OUTPUT(
2281[
2282Makefile
2283samhain-install.sh
2284init/samhain.startLSB
2285init/samhain.startLinux
2286init/samhain.startGentoo
2287init/samhain.startFreeBSD
2288init/samhain.startSolaris
2289init/samhain.startHPUX
2290init/samhain.startIRIX
2291samhain.spec
2292rules.deb
2293rules.deb-light
2294hp_ux.psf
2295scripts/samhain.spec
2296scripts/redhat_i386.client.spec
2297scripts/samhain.ebuild
2298scripts/samhain.ebuild-light
2299scripts/samhainadmin.pl
2300scripts/check_samhain.pl
2301deploy.sh
2302],
2303[
2304echo timestamp > stamp-h
2305chmod +x samhain-install.sh
2306chmod +x scripts/samhainadmin.pl
2307chmod +x scripts/check_samhain.pl
2308]
2309)
2310
2311chmod +x deploy.sh
2312
2313if test "x${cross_compiling}" = xyes
2314then
2315
2316echo "--------------------------------------------------------------"
2317echo
2318echo "You are using a cross-compiler. The following system dependent"
2319echo "values may have been set to default values that may be"
2320echo "incorrect for your target system: "
2321echo
2322echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2323echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2324echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2325echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2326echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2327echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2328echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2329echo
2330echo "If these values are incorrect, change them in the file "
2331echo "config.cache and run configure again."
2332echo
2333echo "--------------------------------------------------------------"
2334
2335fi
2336
2337if test x${silent} != xyes
2338then
2339
2340 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2341 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2342 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2343 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2344 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2345 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2346
2347 echo
2348 echo " samhain has been configured as follows:"
2349 echo " System binaries: ${sbindir}"
2350 echo " Configuration file: ${myconffile}"
2351 echo " Manual pages: ${mandir}"
2352 echo " Data: ${mydataroot}"
2353 echo " PID file: ${mylockfile}"
2354 echo " Log file: ${mylogfile}"
2355 echo " Base key: ${mykeybase}"
2356 echo
2357 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2358 then
2359 echo " Selected rc file: yulerc"
2360 else
2361 echo " Selected rc file: samhainrc.${selectconfig}"
2362 fi
2363
2364fi
2365
Note: See TracBrowser for help on using the repository browser.