source: trunk/configure.ac@ 23

Last change on this file since 23 was 19, checked in by rainer, 19 years ago

Rewrite of test suite, checksum for growing logs, fix for minor bug with dead client detection.
File size: 64.5 KB
Line 
1dnl We want to override the standard AC_INIT_PARSE_ARGS,
2dnl which requires replacing AC_INIT() with its expanded
3dnl content.
4dnl
5dnl include own macros
6dnl
7sinclude(acsite.m4)dnl
8sinclude(./aclocal.m4)dnl
9
10dnl
11dnl AC_INIT(samhain.c)
12dnl
13# Forbidden tokens and exceptions.
14m4_pattern_forbid([^_?A[CHUM]_])
15m4_pattern_forbid([_AC_])
16m4_pattern_forbid([^LIBOBJS$],
17 [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs. LIBOBJS'])
18# Actually reserved by M4sh.
19m4_pattern_allow([^AS_FLAGS$])
20AS_INIT
21dnl m4_ifval([$2], [_AC_INIT_PACKAGE($@)])
22_AC_INIT_DEFAULTS
23SH_INIT_PARSE_ARGS
24_AC_INIT_SRCDIR
25SH_INIT_HELP
26_AC_INIT_VERSION
27_AC_INIT_CONFIG_LOG
28_AC_INIT_PREPARE
29_AC_INIT_NOTICE
30_AC_INIT_COPYRIGHT
31m4_ifval([$2], , [m4_ifval([$1], [AC_CONFIG_SRCDIR([$1])])])dnl
32
33AC_ARG_VAR([LIBS],
34 [libraries to link against, e.g. -lintl])
35
36dnl
37dnl start
38dnl
39AM_INIT_AUTOMAKE(samhain, 2.2.0rc1)
40AC_CANONICAL_HOST
41
42dnl
43dnl checks for programs
44dnl
45
46AC_PROG_CC
47AC_PROG_CPP
48AC_PROG_INSTALL
49AC_PROG_LN_S
50AC_PROG_AWK
51AC_PATH_PROG(cmd_hostname,hostname)
52AC_SUBST(cmd_hostname)
53
54GCC_STACK_PROTECT_CC
55
56AC_HEADER_STDC
57dnl
58dnl first one is a dummy because of an autoconf bug
59dnl (no HAVE_... for first one)
60dnl
61AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
62
63
64AC_MSG_CHECKING([for host-specific issues])
65mydebugflag=no
66myneedg3=no
67uid_cast="signed long"
68selectconfig=linux
69mynetbsd=no
70sh_use_lcaps="undef"
71
72case "$host_os" in
73
74 *linux*)
75 sh_use_lcaps="yes"
76 AC_DEFINE(HOST_IS_LINUX)
77 AC_DEFINE(HAVE_EXT2_IOCTLS)
78 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
79 case "$host_cpu" in
80 i*86*)
81 AC_DEFINE(HOST_IS_I86LINUX)
82 ;;
83 *)
84 ;;
85 esac
86 ;;
87
88 *osf*)
89 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
90 if test "x$GCC" != "xyes"; then
91 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
92 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
93 myneedg3=yes
94 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
95 else
96 AC_MSG_RESULT(none)
97 fi
98 ;;
99
100 *cygwin*)
101 AC_DEFINE(HOST_IS_CYGWIN)
102 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
103 ;;
104
105 *darwin*)
106 AC_DEFINE(HOST_IS_DARWIN)
107 AC_MSG_RESULT(DARWIN check resource forks)
108 ;;
109
110 *freebsd*)
111 AC_DEFINE(HOST_IS_FREEBSD)
112 selectconfig=freebsd
113 AC_MSG_RESULT(none)
114 ;;
115
116 *openbsd*)
117 selectconfig=freebsd
118 AC_MSG_RESULT(none)
119 ;;
120
121 *netbsd*)
122 mynetbsd=yes
123 AC_MSG_RESULT(NETBSD bug with libresolve)
124 ;;
125
126 *solaris*)
127 selectconfig=solaris
128 AC_DEFINE(HOST_IS_SOLARIS)
129 case "$host_cpu" in
130 i*86)
131 AC_DEFINE(HOST_IS_I86SOLARIS)
132 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
133 ;;
134 *)
135 AC_MSG_RESULT(none)
136 ;;
137 esac
138 if test "x$GCC" != "xyes"; then
139 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
140 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
141 fi
142 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
143 CFLAGS="$CFLAGS -xO2"
144 fi
145 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
146 CFLAGS="$CFLAGS -Xa"
147 fi
148 LIBS="-lc $LIBS"
149 fi
150 ;;
151
152
153 *sun*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 AC_MSG_RESULT(none)
157 ;;
158
159 *aix*)
160 AC_DEFINE(HOST_IS_AIX)
161 selectconfig=aix5.2.0
162 uid_cast="unsigned long"
163 if test "x$GCC" != "xyes"; then
164 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
165 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
166 fi
167 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
168 CFLAGS="$CFLAGS -O3"
169 fi
170 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
171 CFLAGS="$CFLAGS -qstrict"
172 fi
173 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
174 else
175 AC_MSG_RESULT(AIX size_t in the accept call)
176 fi
177 ;;
178
179 *hpux*)
180 AC_MSG_RESULT(HPUX has not always h_errno defined)
181 AC_DEFINE(HOST_IS_HPUX)
182 if test "x$GCC" != "xyes"; then
183 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
184 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
185 fi
186 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
187 CFLAGS="$CFLAGS -fast"
188 fi
189 fi
190 ;;
191
192 *ultrix*)
193 AC_MSG_RESULT(ULTRIX getcwd uses popen)
194 AC_DEFINE(HAVE_BROKEN_GETCWD)
195 ;;
196
197 *)
198 AC_MSG_RESULT(none)
199 ;;
200esac
201
202AC_SUBST(selectconfig)
203AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
204
205
206dnl *****************************************
207dnl
208dnl checks for header files
209dnl
210dnl *****************************************
211
212AC_HEADER_DIRENT
213AC_HEADER_MAJOR
214AC_HEADER_TIME
215dnl used in minilzo.c
216AC_HEADER_STAT
217AC_DECL_SYS_SIGLIST
218
219AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
220 sys/vfs.h \
221 sys/select.h sys/socket.h netinet/in.h \
222 regex.h glob.h \
223 linux/ext2_fs.h ext2fs/ext2_fs.h \
224 paths.h arpa/nameser.h arpa/nameser_compat.h,
225 [],
226 [],
227 [#include <sys/types.h>]
228)
229
230
231AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
232if test "x$sh_utmpx" = "xyes"; then
233 if cat "/usr/include/utmpx.h" 2>&5 |
234 egrep "WTMPX_FILE" >/dev/null 2>&1; then
235 AC_DEFINE(HAVE_UTMPX_H)
236 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
237 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
238 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
239 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
240 else
241 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
242 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
243 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
244 fi
245else
246 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
248fi
249
250dnl need to check because AIX 4.2 does not have it
251dnl
252AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
253#ifdef HAVE_SYS_TYPES_H
254#include <sys/types.h>
255#endif
256#ifdef HAVE_SYS_STAT_H
257#include <sys/stat.h>
258#endif
259#ifdef HAVE_SYS_VFS_H
260#include <sys/vfs.h>
261#endif
262#ifdef HAVE_UNISTD_H
263#include <unistd.h>
264#endif
265])
266
267AC_SYS_LARGEFILE
268
269dnl
270dnl check whether _POSIX_SOURCE is required
271dnl
272SAMHAIN_POSIX
273
274
275dnl *****************************************
276dnl
277dnl Checks for library functions.
278dnl
279dnl *****************************************
280AC_FUNC_STRFTIME
281AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
282 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
283 seteuid setreuid setresuid lstat getwd getcwd ptrace \
284 usleep setpriority getpeereid nanosleep \
285 strptime basename sched_yield \
286 inet_aton gethostbyname setutent setrlimit gethostname uname \
287 initgroups getpagesize \
288 ttyname fchmod
289)
290AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
291SL_CHECK_VA_COPY
292AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
293AC_CHECK_MLOCK
294
295AC_MSG_CHECKING(how to get filesystem type)
296fstype=no
297# The order of these tests is important.
298AC_TRY_CPP([#include <sys/statvfs.h>
299#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
300if test $fstype = no; then
301AC_TRY_CPP([#include <sys/statfs.h>
302#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
303fi
304if test $fstype = no; then
305AC_TRY_CPP([#include <sys/statfs.h>
306#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
307fi
308if test $fstype = no; then
309AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
310fi
311if test $fstype = no; then
312AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
313fi
314if test $fstype = no; then
315AC_TRY_CPP([#include <sys/mount.h>
316#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
317fi
318AC_MSG_RESULT($fstype)
319
320sh_libsocket=
321
322dnl Solaris needs -lsocket and -lnsl. Unisys system includes
323dnl gethostbyname in libsocket but needs libnsl for socket.
324AC_CHECK_LIB(nsl, gethostbyname)
325AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
326if test x$ac_need_libsocket = x1; then
327 LIBS="$LIBS -lsocket"
328 sh_libsocket="-lsocket"
329fi
330if test x$ac_try_nsl = x1; then
331 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
332 if test x$ac_need_libnsl = x1
333 then
334 LIBS="$LIBS -lnsl"
335 fi
336fi
337AC_SUBST(sh_libsocket)
338
339AC_CHECK_LIB(socket, res_search, [
340 AC_CHECK_LIB(resolv, dn_skipname)
341 AC_CHECK_LIB(resolv, __dn_skipname)
342 if test x$ac_need_libsocket = x1; then
343 :
344 else
345 LIBS="$LIBS -lsocket"
346 fi
347 ], [
348 AC_CHECK_LIB(resolv, res_search, [
349 LIBS="$LIBS -lresolv"
350 ], [
351 AC_CHECK_LIB(resolv, dn_skipname)
352 AC_CHECK_LIB(resolv, __dn_skipname)
353 ])
354 ])
355
356dnl arguments for accept
357
358dnl check for Unix98 socklen_t (found on
359dnl xemacs-patches mailing list, written
360dnl by Martin Buchholz)
361dnl
362dnl On Darwin(MacOSX) socklen_t needs to be
363dnl an int (see accept man page), on all other
364dnl unix systems we need a size_t.
365
366AC_MSG_CHECKING(for socklen_t)
367AC_TRY_COMPILE([
368#ifdef HAVE_SYS_TYPES_H
369#include <sys/types.h>
370#endif
371#ifdef HAVE_SYS_SOCKET_H
372#include <sys/socket.h>
373#endif
374 socklen_t x;
375], [],[
376 AC_MSG_RESULT(yes)
377 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
378],[
379 AC_TRY_COMPILE([
380#ifdef HAVE_SYS_TYPES_H
381#include <sys/types.h>
382#endif
383#ifdef HAVE_SYS_SOCKET_H
384#include <sys/socket.h>
385#endif
386 int accept (int, struct sockaddr *, size_t *);
387 ],[],[
388 AC_MSG_RESULT(size_t)
389 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
390 ], [
391 AC_MSG_RESULT(int)
392 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
393 ]
394 )
395])
396
397
398dnl *****************************************
399dnl checks for typedefs
400dnl *****************************************
401
402AC_C_LONG_DOUBLE
403SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
404if test "$sh_HAVE_LONG_LONG" = "yes"; then
405 AC_CHECK_SIZEOF(unsigned long long, 4)
406 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
407 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
408 fi
409fi
410
411AC_CHECK_TYPE(ptrdiff_t, long)
412AC_TYPE_SIZE_T
413AC_CHECK_SIZEOF(char *, 4)
414AC_CHECK_SIZEOF(size_t, 4)
415
416AC_CHECK_SIZEOF(unsigned long, 4)
417AC_CHECK_SIZEOF(unsigned int , 4)
418AC_CHECK_SIZEOF(unsigned short, 2)
419
420
421if test "$ac_cv_sizeof_unsigned_long" = "4"; then
422 AC_DEFINE(HAVE_LONG_32)
423fi
424if test "$ac_cv_sizeof_unsigned_long" = "8"; then
425 AC_DEFINE(HAVE_LONG_64)
426fi
427if test "$ac_cv_sizeof_unsigned_int" = "4"; then
428 AC_DEFINE(HAVE_INT_32)
429fi
430
431dnl
432dnl For Alpha
433dnl
434if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
435 AC_DEFINE(HAVE_INT_32)
436fi
437if test "$ac_cv_sizeof_unsigned_short" = "4"; then
438 AC_DEFINE(HAVE_SHORT_32)
439fi
440
441dnl
442dnl check for 64 bit programming environment
443dnl
444SAMHAIN_64
445
446
447dnl *****************************************
448dnl checks for structures
449dnl *****************************************
450
451AC_STRUCT_TM
452
453dnl
454dnl from e2fsprogs
455dnl
456AC_MSG_CHECKING(whether struct stat has a st_flags field)
457AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
458 AC_TRY_COMPILE([#include <sys/stat.h>],
459 [struct stat stat; stat.st_flags = 0;],
460 [e2fsprogs_cv_struct_st_flags=yes],
461 [e2fsprogs_cv_struct_st_flags=no]))
462AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
463if test "$e2fsprogs_cv_struct_st_flags" = yes; then
464 AC_MSG_CHECKING(whether st_flags field is useful)
465 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
466 AC_TRY_COMPILE([#include <sys/stat.h>],
467 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
468 [e2fsprogs_cv_struct_st_flags_immut=yes],
469 [e2fsprogs_cv_struct_st_flags_immut=no]))
470 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
471 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
472 AC_DEFINE(HAVE_STAT_FLAGS)
473 fi
474fi
475
476dnl
477dnl from dbus
478dnl
479AC_MSG_CHECKING(for struct cmsgcred)
480AC_TRY_COMPILE([
481#include <sys/types.h>
482#include <sys/socket.h>
483],[
484struct cmsgcred cred;
485
486cred.cmcred_pid = 0;
487],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
488AC_MSG_RESULT($sh_have_struct_cmsgcred)
489
490if test x$sh_have_struct_cmsgcred = xyes; then
491 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
492fi
493
494AC_MSG_CHECKING(for struct fcred)
495AC_TRY_COMPILE([
496#include <sys/param.h>
497#include <sys/socket.h>
498#include <sys/ucred.h>
499],[
500struct fcred sockcred;
501],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
502AC_MSG_RESULT($sh_have_struct_fcred)
503
504if test x$sh_have_struct_fcred = xyes; then
505 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
506fi
507
508AC_MSG_CHECKING(for struct sockcred)
509AC_TRY_COMPILE([
510#include <sys/param.h>
511#include <sys/socket.h>
512#include <sys/ucred.h>
513],[
514struct sockcred sockcred;
515],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
516AC_MSG_RESULT($sh_have_struct_sockcred)
517
518if test x$sh_have_struct_sockcred = xyes; then
519 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
520fi
521
522AC_MSG_CHECKING(for SO_PEERCRED)
523AC_TRY_COMPILE([
524#include <sys/types.h>
525#include <sys/socket.h>
526],[
527int test = SO_PEERCRED;
528],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
529AC_MSG_RESULT($sh_have_SO_PEERCRED)
530
531if test x$sh_have_SO_PEERCRED = xyes; then
532 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
533fi
534
535
536dnl *****************************************
537dnl checks for compiler characteristics
538dnl *****************************************
539AC_C_INLINE
540AC_C_CONST
541AC_C_BIGENDIAN
542
543AM_SA_SIGACTION_WORKS
544
545dnl *****************************************
546dnl
547dnl checks for system services
548dnl
549dnl *****************************************
550
551dnl
552dnl check for GNU gmp
553dnl
554AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
555if test "x${sh_have_gmp}" = xno
556then
557 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
558fi
559if test "x${sh_have_gmp}" = xyes
560then
561 # LIBS="-lgmp $LIBS"
562 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
563fi
564AC_CHECK_HEADERS(gmp.h)
565
566
567dnl *****************************************
568dnl
569dnl enable features
570dnl
571dnl *****************************************
572
573AC_ARG_ENABLE(db-reload,
574 [ --enable-db-reload enable database reload on SIGHUP [no]],
575 [
576 if test "x${enable_db_reload}" = xyes; then
577 AC_DEFINE(RELOAD_DATABASE)
578 fi
579 ]
580)
581
582AC_ARG_ENABLE(xml-log,
583 [ --enable-xml-log enable XML logfile format [[no]]],
584 [
585 if test "x${enable_xml_log}" = xyes; then
586 AC_DEFINE(SH_USE_XML)
587 fi
588 ]
589)
590
591
592AC_ARG_ENABLE(mail,
593 [ --disable-mail disable the internal SMTP mailer],
594 [
595 if test "x${enable_mail}" = xno; then
596 :
597 else
598 AC_DEFINE(SH_WITH_MAIL)
599 fi
600 ],
601 [AC_DEFINE(SH_WITH_MAIL)]
602)
603
604AC_ARG_ENABLE(external-scripts,
605 [ --disable-external-scripts disable interface to external scripts],
606 [
607 if test "x${enableval}" = xno; then
608 :
609 else
610 AC_DEFINE(WITH_EXTERNAL)
611 fi
612 ],
613 [AC_DEFINE(WITH_EXTERNAL)]
614)
615
616AC_ARG_ENABLE(message-queue,
617 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
618 [
619 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
620 if test "x${enable_message_queue}" = xyes; then
621 AC_DEFINE(WITH_MESSAGE_QUEUE)
622 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
623 elif test "x${enable_message_queue}" != xno; then
624 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
625 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
626 echo "${enableval}" | \
627 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
628 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
629 AC_DEFINE(WITH_MESSAGE_QUEUE)
630 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
631 fi
632 else
633 echo
634 echo "**********************************************"
635 echo
636 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
637 echo
638 echo "**********************************************"
639 echo
640 fi
641 ]
642)
643
644AC_ARG_WITH(cflags,
645 [ --with-cflags additional flags to pass to compiler],
646 [
647 if test "x$withval" != "xno" ; then
648 CFLAGS="$CFLAGS $withval"
649 fi
650 ]
651)
652AC_ARG_WITH(libs,
653 [ --with-libs additional libraries to link with],
654 [
655 if test "x$withval" != "xno" ; then
656 LIBS="$LIBS $withval"
657 fi
658 ]
659)
660
661
662#
663# this is from ssh
664#
665AC_MSG_CHECKING(whether to use libwrap)
666LIBWRAP_LIB=""
667LIBWRAP_INC=""
668AC_ARG_WITH(libwrap,
669[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
670[ AC_MSG_RESULT($withval)
671 case "$withval" in
672 no)
673 ;;
674 ""|yes)
675 LIBWRAP_LIB="-lwrap"
676 ;;
677 *)
678 if test -d "$withval"; then
679 LIBWRAP_LIB="-L$withval -lwrap"
680 changequote(<<, >>)dnl
681 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
682 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
683 changequote([, ])dnl
684 else
685 LIBWRAP_LIB="-lwrap"
686 changequote(<<, >>)dnl
687 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
688 LIBWRAP_INC="-I${sh_libwrap_inc}"
689 changequote([, ])dnl
690 fi
691 ;;
692 esac
693 if test -n "$LIBWRAP_LIB"; then
694 # OLDLIBS="$LIBS"
695 LIBS="$LIBWRAP_LIB $LIBS"
696 # OLDCFLAGS="$CFLAGS"
697 CFLAGS="$CFLAGS $LIBWRAP_INC"
698 AC_CHECK_HEADER(tcpd.h,
699 [],
700 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
701 AC_TRY_LINK([ #include <tcpd.h>
702 int allow_severity; int deny_severity; ],
703 [ hosts_access((struct request_info *) 0); ],
704 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
705 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
706 fi ],
707 AC_MSG_RESULT(no)
708)
709
710
711#
712# this is from the snort configure.in
713#
714AC_DEFUN(FAIL_MESSAGE,[
715 echo
716 echo
717 echo "**********************************************"
718 echo " ERROR: unable to find" $1
719 echo " checked in the following places"
720 for i in `echo $2`; do
721 echo " $i"
722 done
723 echo "**********************************************"
724 echo
725 exit
726])
727
728AC_ARG_WITH(libprelude-prefix,
729 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
730 libprelude_config_prefix="$withval", libprelude_config_prefix="")
731
732AC_MSG_CHECKING(whether to use prelude)
733AC_ARG_WITH(prelude,
734 [ --with-prelude Prelude IDS support [[no]]],
735 [
736 if test "x${withval}" = "xno"; then
737 AC_MSG_RESULT(no)
738 else
739 AC_MSG_RESULT(yes)
740 if test x$libprelude_config_prefix != x ; then
741 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
742 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
743 fi
744 fi
745
746 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
747 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
748 HAVE_PRELUDE_CONFIG=no
749 else
750 HAVE_PRELUDE_CONFIG=yes
751 fi
752dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
753 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
754 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
755 case "$sh_libprelude_version" in
756 0.8*)
757 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
758 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
759 LIBS="$LIBS ${sh_prelude_libs}"
760 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
761 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
762 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
763 ;;
764 *)
765 AM_PATH_LIBPRELUDE([0.9.0],
766 [
767 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
768 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
769 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
770 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
771 LIBS="$LIBS $LIBPRELUDE_LIBS"
772 ],
773 [
774 AC_MSG_ERROR([Could not find libprelude.])
775 ])
776 ;;
777 esac
778 else
779 AC_MSG_ERROR([Could not find libprelude.])
780 fi
781 fi
782 ],
783 [
784 AC_MSG_RESULT(no)
785 ]
786)
787
788dnl AC_MSG_CHECKING(whether to use prelude)
789dnl AC_ARG_WITH(prelude,
790dnl [ --with-prelude Prelude IDS support [[no]]],
791dnl [
792dnl if test "x${withval}" = "xno"; then
793dnl AC_MSG_RESULT(no)
794dnl else
795dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
796dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
797dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
798dnl sh_prelude_cflags=`libprelude-config --cflags`
799dnl LIBS="$LIBS ${sh_prelude_libs}"
800dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
801dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
802dnl else
803dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
804dnl fi
805dnl fi
806dnl ],
807dnl AC_MSG_RESULT(no)
808dnl )
809
810AC_ARG_ENABLE(static,
811 [ --enable-static enable static linking (recommended) [[no]]],
812 [
813 if test x$enable_static = xyes; then
814 if test x"$mynetbsd" = xyes
815 then
816 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
817 LIBS="${tmp_LIBS}"
818 fi
819 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
820 if test "x$GCC" = "xyes"; then
821 LDFLAGS="$LDFLAGS -static"
822 else
823 case "$host_os" in
824
825 *aix*)
826 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
827 ;;
828
829 *hpux*)
830 LDFLAGS="$LDFLAGS -Wl,-a,archive"
831 ;;
832
833 *osf*)
834 LDFLAGS="$LDFLAGS -non_shared"
835 ;;
836
837 *irix*)
838 LDFLAGS="$LDFLAGS -non_shared"
839 ;;
840
841 *sco*)
842 LDFLAGS="$LDFLAGS -dn"
843 ;;
844
845 *sun*)
846 LDFLAGS="$LDFLAGS -Bstatic"
847 ;;
848
849 *solaris*)
850 LDFLAGS="$LDFLAGS -Bstatic"
851 ;;
852
853 *)
854 echo "***********************************************"
855 echo "*"
856 echo "* Don't know how to enable static linking"
857 echo "* with your compiler. Please set the environment"
858 echo "* variable LDFLAGS to:"
859 echo "* ${LDFLAGS} + the static linking flag"
860 echo "* and run configure again"
861 echo "*"
862 echo "***********************************************"
863 ;;
864
865 esac
866 fi
867 fi
868 ]
869)
870
871#
872# partly based on the snort configure.in
873#
874AC_ARG_WITH(database,
875 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
876 [
877 if test x"$enable_xml_log" != xyes; then
878 AC_MSG_ERROR([--with-database: --enable-xml-log required])
879 fi
880 if test "x${withval}" = "xmysql"; then
881 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
882 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
883 # echo "mysql_config found"
884 sh_mysql_libs="`mysql_config --libs`"
885 # echo ${sh_mysql_libs}
886 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
887 # echo $mysql_libs
888 # save_libs="$LIBS"
889 # LIBS="$LIBS `mysql_config --libs`"
890 # echo $LIBS
891 LIBS="$LIBS ${sh_mysql_libs}"
892 # echo $LIBS
893 sh_mysql_cflags="`mysql_config --cflags`"
894 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
895 # CFLAGS="$CFLAGS `mysql_config --cflags`"
896 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
897 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
898 else
899 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
900 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
901
902 for i in $mysql_directory; do
903 if test -r $i/include/mysql/mysql.h; then
904 MYSQL_DIR=$i
905 MYSQL_INC_DIR=$i/include
906 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
907 fi
908 done
909 if test -z "$MYSQL_DIR"; then
910 for i in $mysql_directory; do
911 if test -r $i/include/mysql.h; then
912 MYSQL_DIR=$i
913 MYSQL_INC_DIR=$i/include
914 fi
915 done
916 fi
917
918 if test -z "$MYSQL_DIR"; then
919 tmp=""
920 for i in $mysql_directory; do
921 tmp="$tmp $i/include $i/include/mysql"
922 done
923 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
924 fi
925
926 for i in lib lib/mysql; do
927 str="$MYSQL_DIR/$i/libmysqlclient.*"
928 for j in `echo $str`; do
929 if test -r $j; then
930 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
931 break 2
932 fi
933 done
934 done
935
936 if test -z "$MYSQL_LIB_DIR"; then
937 for ff in $mysql_directory; do
938 for i in lib lib/mysql; do
939 str="$ff/$i/libmysqlclient.*"
940 for j in `echo $str`; do
941 if test -r $j; then
942 MYSQL_LIB_DIR="$ff/$i"
943 break 3
944 fi
945 done
946 done
947 done
948 fi
949
950 if test -z "$MYSQL_LIB_DIR"; then
951 tmp=""
952 for i in $mysql_directory; do
953 tmp="$i/lib $i/lib/mysql"
954 done
955 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
956 fi
957
958 AC_MSG_RESULT(yes)
959 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
960 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
961 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
962 fi
963 AC_DEFINE(WITH_MYSQL)
964 AC_DEFINE(WITH_DATABASE)
965 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
966 AC_MSG_CHECKING(for zlib)
967 if test "$zlib_cv_libz" = "yes"
968 then
969 LIBS="$LIBS -lz -lm"
970 AC_MSG_RESULT(ok)
971 else
972 AC_MSG_RESULT(failed)
973 echo
974 echo " Either the mysql or the zlib library was not found"
975 echo " or was unusable, maybe because an old, incompatible"
976 echo " version is installed on your system, eg compiled from"
977 echo " source long time ago. See config.log for the error"
978 echo " message from the compiler."
979 echo " Please review your installed mysql and zlib libraries"
980 echo " and/or use --with-libs=-L/path/to/libdirectory"
981 echo " where libdirectory is the directory holding libmysql"
982 echo " or libz."
983 if test x"$enable_static" = xyes; then
984 echo " Note that for compiling a static binary, you need"
985 echo " the static libraries, rather than the shared ones."
986 fi
987 echo
988 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
989 fi
990 AC_CHECK_HEADERS(mysql/mysql.h)
991 elif test "x${withval}" = "xpostgresql"; then
992 AC_DEFINE(WITH_POSTGRES)
993 AC_DEFINE(WITH_DATABASE)
994 #
995 PGCONF="no"
996 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
997 OLD_IFS="$IFS"
998 IFS=":"
999 for ff in ${MY_PATH}
1000 do
1001 if test -f "$ff/pg_config"
1002 then
1003 PGCONF="$ff/pg_config"
1004 fi
1005 done
1006 IFS="${OLD_IFS}"
1007 #
1008 #
1009 if test "x${PGCONF}" = "xno"
1010 then
1011 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1012 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1013 for i in $pgsql_directory; do
1014 if test -r $i/include/pgsql/libpq-fe.h; then
1015 PGSQL_INC_DIR=$i/include
1016 PGSQL_DIR=$i
1017 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1018 fi
1019 done
1020 if test -z "$PGSQL_DIR"; then
1021 for i in $pgsql_directory; do
1022 if test -r $i/include/libpq-fe.h; then
1023 PGSQL_INC_DIR=$i/include
1024 PGSQL_DIR=$i
1025 fi
1026 done
1027 fi
1028
1029 if test -z "$PGSQL_DIR"; then
1030 tmp=""
1031 for i in $pgsql_directory; do
1032 tmp="$tmp $i/include $i/include/pgsql"
1033 done
1034 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1035 fi
1036
1037 for i in lib lib/pgsql; do
1038 str="$PGSQL_DIR/$i/libpq.*"
1039 for j in `echo $str`; do
1040 if test -r $j; then
1041 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1042 break 2
1043 fi
1044 done
1045 done
1046
1047 if test -z "$PGSQL_LIB_DIR"; then
1048 for ff in $pgsql_directory; do
1049 for i in lib lib/pgsql; do
1050 str="$ff/$i/libpq.*"
1051 for j in `echo $str`; do
1052 if test -r $j; then
1053 PGSQL_LIB_DIR="$ff/$i"
1054 break 3
1055 fi
1056 done
1057 done
1058 done
1059 fi
1060
1061 if test -z "$PGSQL_LIB_DIR"; then
1062 tmp=""
1063 for i in $pgsql_directory; do
1064 tmp="$i/lib $i/lib/pgsql"
1065 done
1066 FAIL_MESSAGE("postgresql library libpq", $tmp)
1067 fi
1068
1069 AC_MSG_RESULT(yes)
1070
1071 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1072 if test x"$enable_static" = xyes; then
1073 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1074 else
1075 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1076 fi
1077 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1078 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1079 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1080 else
1081 pg_lib_dir=`${PGCONF} --libdir`
1082 if test x"$enable_static" = xyes; then
1083 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1084 else
1085 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1086 fi
1087 pg_inc_dir=`${PGCONF} --includedir`
1088 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1089 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1090 fi
1091 elif test "x${withval}" = "xodbc"; then
1092 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1093 odbc_directory="/usr /usr/local"
1094
1095 for i in $odbc_directory; do
1096 if test -r $i/include/sql.h; then
1097 if test -r $i/include/sqlext.h; then
1098 if test -r $i/include/sqltypes.h; then
1099 ODBC_DIR=$i
1100 ODBC_INC_DIR=$i/include
1101 fi
1102 fi
1103 fi
1104 done
1105
1106 if test -z "$ODBC_DIR"; then
1107 tmp=""
1108 for i in $odbc_directory; do
1109 tmp="$tmp $i/include"
1110 done
1111 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1112 fi
1113
1114 str="$ODBC_DIR/lib/libodbc.*"
1115 for j in `echo $str`; do
1116 if test -r $j; then
1117 ODBC_LIB_DIR="$ODBC_DIR/lib"
1118 ODBC_LIB="odbc"
1119 fi
1120 done
1121
1122 if test -z "$ODBC_LIB_DIR"; then
1123 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1124 fi
1125
1126 AC_MSG_RESULT(yes)
1127 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1128 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1129 AC_DEFINE(WITH_ODBC)
1130 AC_DEFINE(WITH_DATABASE)
1131
1132 elif test "x${withval}" = "xoracle"; then
1133 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1134 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1135 for i in $oracle_directory; do
1136 if test -r $i/rdbms/demo/oci.h; then
1137 ORACLE_DIR=$i
1138 fi
1139 done
1140
1141 if test -z "$ORACLE_DIR"; then
1142 tmp=""
1143 for i in $oracle_directory; do
1144 tmp="$tmp $i/rdbms/demo"
1145 done
1146 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1147 else
1148 for i in rdbms/demo rdbms/public network/public; do
1149 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1150 done
1151 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1152 AC_MSG_RESULT(yes)
1153
1154 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1155
1156 ORACLE_LIBS="-lclntsh"
1157 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1158 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1159 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1160 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1161 fi
1162 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1163 fi
1164 AC_DEFINE(WITH_ORACLE)
1165 AC_DEFINE(WITH_DATABASE)
1166
1167 else
1168 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1169 fi
1170 ]
1171)
1172
1173AC_ARG_WITH(console,
1174 [ --with-console=PATH set path to console device [[/dev/console]]],
1175 [
1176 if test "x${withval}" != xno; then
1177 mycons="$withval"
1178 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1179 fi
1180 ])
1181
1182AC_ARG_WITH(altconsole,
1183 [ --with-altconsole=PATH set path to second console device [[none]]],
1184 [
1185 if test "x${withval}" != xno; then
1186 myaltcons="$withval"
1187 else
1188 myaltcons="NULL"
1189 fi
1190 ],
1191 [myaltcons="NULL"])
1192AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1193
1194AC_ARG_WITH(timeserver,
1195 [ --with-timeserver=HOST set host address for time server [[none]]],
1196 [
1197 if test "x${withval}" != xno; then
1198 mytimeserv="$withval"
1199 AC_DEFINE(HAVE_NTIME)
1200 else
1201 mytimeserv="NULL"
1202 fi
1203 ],
1204 mytimeserv="NULL")
1205AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1206
1207AC_ARG_WITH(alttimeserver,
1208 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1209 [
1210 if test "x${withval}" != xno; then
1211 myalttimeserv="$withval"
1212 AC_DEFINE(HAVE_NTIME)
1213 else
1214 myalttimeserv="NULL"
1215 fi
1216 ],
1217 myalttimeserv="NULL")
1218AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1219
1220AC_ARG_ENABLE(login-watch,
1221 [ --enable-login-watch watch for login/logout [[no]]],
1222 [
1223 if test "x${enable_login_watch}" = xyes; then
1224 AC_DEFINE(SH_USE_UTMP)
1225 fi
1226 ]
1227)
1228
1229AC_ARG_ENABLE(mounts-check,
1230 [ --enable-mounts-check check mount options on filesystems [[no]]],
1231 [
1232 if test "x${enable_mounts_check}" = xyes; then
1233 AC_DEFINE(SH_USE_MOUNTS)
1234 fi
1235 ]
1236)
1237
1238AC_ARG_ENABLE(userfiles,
1239 [ --enable-userfiles check for users' config files [[no]]],
1240 [
1241 if test "x${enableval}" = "xyes"; then
1242 AC_DEFINE(SH_USE_USERFILES)
1243 fi
1244 ]
1245)
1246
1247AC_ARG_ENABLE(debug,
1248 [ --enable-debug enable debug options [[no]]],
1249 [
1250 if test "x${enable_debug}" = "xyes"; then
1251 if test "x${mydebugflag}" != "xyes"; then
1252 AC_DEFINE(MEM_DEBUG)
1253 fi
1254 AC_DEFINE(WITH_TPT)
1255 AC_DEFINE(SL_DEBUG)
1256 AC_DEFINE(SL_FAIL_ON_ERROR)
1257 if test "x${myneedg3}" = "xyes"; then
1258 mydebugdef="-g3"
1259 else
1260 mydebugdef="-g"
1261 fi
1262 mydebugit="yes"
1263 fi
1264 ]
1265)
1266AC_SUBST(mydebugdef)
1267
1268AC_ARG_ENABLE(ptrace,
1269 [ --enable-ptrace use anti-debugger options [[no]]],
1270 [
1271 if test "x${enable_ptrace}" = xyes; then
1272 if test "x$mydebugit" != "xyes"; then
1273 AC_DEFINE(SCREW_IT_UP)
1274 fi
1275 fi
1276 ]
1277)
1278
1279dnl
1280if test "x$GCC" = "xyes"; then
1281 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1282 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1283 fi
1284
1285dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1286dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1287dnl fi
1288
1289 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1290 CFLAGS="$CFLAGS -Wall -W "
1291 fi
1292
1293 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1294 then
1295 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1296 then
1297 CFLAGS="$CFLAGS -fno-strength-reduce"
1298 fi
1299 fi
1300
1301 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1302 then
1303 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1304 then
1305 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1306 fi
1307 fi
1308
1309fi
1310
1311AC_MSG_CHECKING([which random module to use])
1312AC_ARG_WITH(rnd,
1313 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1314[use_static_rnd=$withval], [use_static_rnd=default] )
1315
1316if test "$use_static_rnd" = no; then
1317 use_static_rnd=default
1318fi
1319
1320case "$use_static_rnd" in
1321 egd | dev | unix | default )
1322 AC_MSG_RESULT($use_static_rnd)
1323 ;;
1324 * )
1325 AC_MSG_RESULT([invalid argument])
1326 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1327 ;;
1328esac
1329
1330AC_ARG_WITH(egd-socket,
1331 [ --with-egd-socket=NAME EGD socket name],
1332 egd_socket_name="$withval", egd_socket_name="" )
1333AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1334
1335dnl
1336dnl See whether the user wants to disable checking for /dev/random
1337
1338try_dev_random=yes
1339
1340case "$use_static_rnd" in
1341dev | default )
1342 try_dev_random=yes
1343 ;;
1344egd)
1345 AC_DEFINE(HAVE_EGD_RANDOM)
1346 try_dev_random=no
1347 ;;
1348unix)
1349 AC_DEFINE(HAVE_UNIX_RANDOM)
1350 try_dev_random=no
1351 ;;
1352esac
1353
1354
1355if test "x$try_dev_random" = "xyes"; then
1356 AC_MSG_CHECKING(whether /dev/random exists)
1357 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1358 AC_DEFINE(HAVE_URANDOM)
1359 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1360 AC_MSG_RESULT(yes)
1361 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1362 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1363 fi
1364 else
1365 if test -r "/dev/random" && test -c "/dev/random"; then
1366 AC_DEFINE(HAVE_URANDOM)
1367 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1368 AC_MSG_RESULT(yes)
1369 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1370 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1371 fi
1372 else
1373 AC_MSG_RESULT(no)
1374 AC_DEFINE(HAVE_UNIX_RANDOM)
1375 fi
1376 fi
1377fi
1378
1379
1380dnl
1381dnl NETWORK OPTIONS
1382dnl
1383
1384
1385AC_ARG_ENABLE(network,
1386 [ --enable-network=[[client|server]] compile client or server [[no]]],
1387 [
1388 if test "x$enable_network" = xclient; then
1389 mytclient="-DSH_WITH_CLIENT"
1390 yulectl_prg=
1391 setpwd_prg="samhain_setpwd"
1392 sh_main_prg="samhain"
1393 if test "x${sh_have_gmp}" = xyes
1394 then
1395 LIBS="-lgmp $LIBS"
1396 fi
1397dnl AC_CHECK_HEADER(sys/capability.h,
1398dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1399dnl [sh_use_lcaps="no"])
1400 elif test "x$enable_network" = xserver; then
1401 mytclient="-DSH_WITH_SERVER"
1402 yulectl_prg="yulectl"
1403 setpwd_prg="samhain_setpwd"
1404 sh_main_prg="yule"
1405 if test "x${sh_have_gmp}" = xyes
1406 then
1407 LIBS="-lgmp $LIBS"
1408 fi
1409 sh_use_lcaps="undef"
1410 elif test "x$enable_network" = xno; then
1411 mytclient="-DSH_STANDALONE"
1412 yulectl_prg=
1413 setpwd_prg=
1414 sh_main_prg="samhain"
1415dnl AC_CHECK_HEADER(sys/capability.h,
1416dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1417dnl [sh_use_lcaps="no"])
1418 else
1419 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1420 fi
1421 ],
1422 [
1423 mytclient="-DSH_STANDALONE"
1424 setpwd_prg=
1425 yulectl_prg=
1426 sh_main_prg="samhain"
1427dnl AC_CHECK_HEADER(sys/capability.h,
1428dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1429dnl [sh_use_lcaps="no"])
1430 ],
1431)
1432AC_SUBST(setpwd_prg)
1433AC_SUBST(yulectl_prg)
1434AC_SUBST(sh_main_prg)
1435AC_SUBST(mytclient)
1436
1437# needed for the rpm spec
1438clmytclient=`echo ${mytclient} | sed s%\-%%`
1439AC_SUBST(clmytclient)
1440
1441AC_ARG_ENABLE(udp,
1442 [ --enable-udp server can listen on port 514/udp [[no]]],
1443 [
1444 if test "x${enable_udp}" = xyes; then
1445 AC_DEFINE(INET_SYSLOG)
1446 fi
1447 ]
1448)
1449
1450myencrypt=yes
1451AC_ARG_ENABLE(encrypt,
1452 [ --disable-encrypt disable client/server encryption],
1453 [
1454 if test "x${enable_encrypt}" = xno; then
1455 myencrypt=no
1456 elif test "x${enable_encrypt}" = "x1"; then
1457 myencrypt=1
1458 fi
1459 ]
1460)
1461if test "x${myencrypt}" = "xyes"; then
1462 AC_DEFINE(SH_ENCRYPT)
1463 AC_DEFINE(SH_ENCRYPT_2)
1464elif test "x${myencrypt}" = "x1"; then
1465 AC_DEFINE(SH_ENCRYPT)
1466fi
1467
1468sh_use_srp_proto=yes
1469AC_ARG_ENABLE(srp,
1470 [ --disable-srp disable SRP for authentication],
1471 [
1472 if test "x${enable_srp}" = xno; then
1473 sh_use_srp_proto=no
1474 fi
1475 ]
1476)
1477if test "x${sh_use_srp_proto}" = xyes; then
1478 AC_DEFINE(USE_SRP_PROTOCOL)
1479fi
1480
1481AC_ARG_WITH(port,
1482 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1483 [
1484 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1485 AC_MSG_ERROR([--with-port: PORT must be numeric])
1486 myport=${withval}
1487 ],
1488 [myport="49777"])
1489AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1490AC_SUBST(myport)
1491
1492AC_ARG_WITH(logserver,
1493 [ --with-logserver=HOST set host address for log server [[none]]],
1494 [
1495 case "$withval" in
1496 *.* | localhost)
1497 mylogsrv="$withval"
1498 ;;
1499 *)
1500 mylogsrv="$withval"
1501 ;;
1502 esac
1503 ],
1504 [mylogsrv="NULL"])
1505AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1506AC_SUBST(mylogsrv)
1507
1508AC_ARG_WITH(altlogserver,
1509 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1510 [
1511 case "$withval" in
1512 *.* | localhost)
1513 myaltlogsrv="$withval"
1514 ;;
1515 *)
1516 myaltlogsrv="$withval"
1517 ;;
1518 esac
1519 ],
1520 [myaltlogsrv="NULL"])
1521AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1522
1523
1524
1525dnl
1526dnl STEALTH OPTIONS
1527dnl
1528nocl_code=
1529xor_code=0
1530AC_ARG_ENABLE(nocl,
1531 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1532 [
1533 if test "x${enableval}" != "x"; then
1534 AC_DEFINE(SH_STEALTH_NOCL)
1535 fi
1536 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1537 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1538 fi
1539 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1540 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1541 fi
1542 if test "x${enableval}" = "xstatus"; then
1543 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1544 fi
1545 if test "x${enableval}" = "xno"; then
1546 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1547 fi
1548 nocl_code="${enable_nocl}"
1549 ]
1550)
1551AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1552AC_SUBST(nocl_code)
1553AC_ARG_ENABLE(stealth,
1554 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1555 [AC_DEFINE(SH_STEALTH)
1556 if test "x${enableval}" != "xyes"; then
1557 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1558 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1559 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1560 if test x"${enableval}" = x0
1561 then
1562 :
1563 else
1564 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1565 fi
1566 fi
1567 xor_code="${enable_stealth}"
1568 else
1569 xor_code=0
1570 fi
1571 stegin_prg="samhain_stealth"
1572 ],
1573 [
1574 stegin_prg=
1575 ]
1576)
1577AC_ARG_ENABLE(micro-stealth,
1578 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1579 [
1580 AC_DEFINE(SH_STEALTH)
1581 AC_DEFINE(SH_STEALTH_MICRO)
1582 if test "x${enableval}" != "xyes"; then
1583 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1584 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1585 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1586 if test x"${enableval}" = x0
1587 then
1588 :
1589 else
1590 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1591 fi
1592 fi
1593 xor_code="${enable_micro_stealth}"
1594 else
1595 xor_code=0
1596 fi
1597 ]
1598)
1599install_name="samhain"
1600INSTALL_NAME="SAMHAIN"
1601AC_ARG_ENABLE(install-name,
1602 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1603 [
1604 if test "x${enableval}" != "xyes"; then
1605 install_name="${enableval}"
1606 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1607 else
1608 install_name="${sh_main_prg}"
1609 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1610 fi
1611 ],
1612 [
1613 install_name="${sh_main_prg}"
1614 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1615 ]
1616)
1617
1618
1619need_user_install=0
1620
1621AC_ARG_ENABLE(identity,
1622 [ --enable-identity=USER user if dropping root [[daemon]]],
1623 [
1624 if test x"$enableval" = xno; then
1625 myident="daemon"
1626 else
1627 myident="$enableval"
1628 fi
1629 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1630 AC_MSG_ERROR([--enable-identity: need username, not UID])
1631 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1632 grep "^${myident}:" | awk -F: '{ print $3; }'`
1633 if test x"${myident_uid}" = x; then
1634 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1635 need_user_install=1
1636 fi
1637 ],
1638 [
1639 for myident in ${install_name} daemon nobody; do
1640 AC_MSG_CHECKING(for user ${myident})
1641 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1642 grep "^${myident}:" | awk -F: '{ print $3; }'`
1643 if test x"${myident_uid}" != x; then
1644 AC_MSG_RESULT(yes)
1645 break;
1646 else
1647 AC_MSG_RESULT(no)
1648 fi
1649 done
1650 if test x"${myident_uid}" = x; then
1651 myident=${install_name}
1652 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1653 need_user_install=1
1654 fi
1655 ])
1656AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1657AC_SUBST(myident)
1658AC_SUBST(need_user_install)
1659
1660sh_insmod_cmd=": # no kernel module"
1661sh_lkm=""
1662lkm_inc=""
1663khidemap="/boot/System.map"
1664sh_syscalltable="0x0"
1665AC_ARG_ENABLE(khide,
1666 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1667 [
1668 if test "x${enable_khide}" != xno; then
1669 if test "x${enableval}" != "xyes"; then
1670 khidemap="${enableval}"
1671 fi
1672 sh_syscalltable=`grep 'D sys_call_table' ${khidemap} | awk '{print $1}'`
1673 if test x"$sh_syscalltable" = x; then
1674 sh_syscalltable=`grep 'd sys_call_table' ${khidemap} | awk '{print $1}'`
1675 if test x"$sh_syscalltable" = x; then
1676 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1677 fi
1678 fi
1679 sh_syscalltable="0x${sh_syscalltable}"
1680 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1681 if test "${install_name_len}" -gt 15 ; then
1682 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1683 fi
1684 AC_DEFINE(SH_USE_LKM)
1685 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1686
1687 # -- NEW --
1688 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1689 if test x"$kernel_version" = xLINUX26
1690 then
1691 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1692 if test x"$sh_modlist_lock" = x; then
1693 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1694 fi
1695 sh_modlist_lock="0x${sh_modlist_lock}"
1696 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1697
1698 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1699 if test x"$sh_list_modules" = x; then
1700 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1701 fi
1702 sh_list_modules="0x${sh_list_modules}"
1703 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1704
1705 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1706 sh_insmod_cmd="modprobe ${install_name}_hide"
1707 sh_lkm="samhain_hide.ko"
1708 else
1709 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1710 sh_lkm="samhain_hide.o samhain_erase.o"
1711 fi
1712 # -- END NEW --
1713
1714 kvers=`uname -r`
1715 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1716 lkm_inc="-I/lib/modules/${kvers}/build/include"
1717 else
1718 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1719 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1720 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1721 fi
1722 sh_is_vanilla_kernel=yes
1723 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1724 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1725 fi
1726 if test x"${sh_is_vanilla_kernel}" = xno; then
1727 echo "This is not a 2.4 vanilla kernel"
1728 else
1729 AC_DEFINE(SH_VANILLA_KERNEL)
1730 fi
1731 fi
1732 ]
1733)
1734AC_SUBST(lkm_inc)
1735AC_SUBST(sh_lkm)
1736AC_SUBST(sh_insmod_cmd)
1737AC_SUBST(install_name)
1738AC_SUBST(INSTALL_NAME)
1739AC_SUBST(stegin_prg)
1740AC_SUBST(xor_code)
1741
1742AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1743AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1744
1745
1746exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1747exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1748exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1749
1750AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1751AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1752AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1753
1754
1755AC_ARG_ENABLE(suidcheck,
1756 [ --enable-suidcheck check for suid/sgid files [[no]]],
1757 [
1758 if test "x${enableval}" = "xyes"; then
1759 AC_DEFINE(SH_USE_SUIDCHK)
1760 fi
1761 ]
1762)
1763
1764
1765systemmap="/boot/System.map"
1766sh_libkvm=""
1767AC_ARG_WITH(kcheck,
1768 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1769 [
1770 if test "x${withval}" != "xno"; then
1771 AC_DEFINE(SH_USE_KERN)
1772 kernelversion=`uname -r`
1773 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1774 if test "x${withval}" != "xyes"; then
1775 systemmap="${withval}"
1776 fi
1777 if test "x${cross_compiling}" = xyes; then
1778 :
1779 elif test "x$selectconfig" = "xfreebsd"; then
1780 LIBS="$LIBS -lkvm"
1781 sh_libkvm="-lkvm"
1782 elif test -f "${systemmap}"; then
1783 :
1784 else
1785 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1786 fi
1787 fi
1788 ]
1789)
1790AC_SUBST(systemmap)
1791AC_SUBST(sh_libkvm)
1792
1793AC_ARG_ENABLE(base,
1794 [ --enable-base=B1,B2 base key (0...2147483647)],
1795 [
1796 AC_MSG_CHECKING(base key setting)
1797 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1798 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1799 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1800 if test "x${my_key_A}" = x; then
1801 AC_MSG_ERROR([--enable-base: first base key has zero length])
1802 fi
1803 if test "x${my_key_B}" = x; then
1804 AC_MSG_ERROR([--enable-base: second base key has zero length])
1805 fi
1806 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1807 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1808 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1809 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1810 ],
1811 [
1812 AC_MSG_CHECKING(base key setting .. collecting entropy)
1813 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1814 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1815 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1816 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1817 my_key_A=`expr $my_key_1 \* 32767`
1818 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1819 my_key_A=`expr $my_key_A \+ $my_key_2`
1820 my_key_B=`expr $my_key_3 \* 32767`
1821 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1822 my_key_B=`expr $my_key_B \+ $my_key_4`
1823 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1824 ]
1825 )
1826AC_SUBST(my_key_A)
1827AC_SUBST(my_key_B)
1828
1829dnl low bytes
1830my_key_1=`expr $my_key_A \% 65536`
1831dnl high bytes
1832my_key_2=`expr $my_key_A \/ 65536`
1833dnl low bytes
1834my_key_3=`expr $my_key_B \% 65536`
1835dnl high bytes
1836my_key_4=`expr $my_key_B \/ 65536`
1837
1838dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1839
1840dnl touch ./sh_MK.h
1841dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1842dnl echo "#define SH_MK_H" >> ./sh_MK.h
1843dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1844dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1845dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1846dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1847dnl echo "#endif" >> ./sh_MK.h
1848AC_SUBST(my_key_1)
1849AC_SUBST(my_key_2)
1850AC_SUBST(my_key_3)
1851AC_SUBST(my_key_4)
1852
1853AC_MSG_CHECKING(key position)
1854pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1855pos_tf_2=`expr $pos_tf_1 \% 8`
1856pos_tf=`expr $pos_tf_2 + 1`
1857AC_MSG_RESULT(${pos_tf})
1858AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1859
1860mykeybase=`echo ${my_key_A},${my_key_B}`
1861AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1862AC_SUBST(mykeybase)
1863
1864
1865dnl
1866dnl GPG/PGP options
1867dnl
1868
1869AC_ARG_WITH(gpg,
1870 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1871 [
1872 if test "x${withval}" != "xno"; then
1873 if test "x${cross_compiling}" = xyes; then
1874 mygpg="${withval}"
1875 else
1876 if test -f "${withval}"; then
1877 mygpg="${withval}"
1878 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1879 if test "x$?" != "x0"; then
1880 mychktest=no
1881 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1882 if test x"${mychktest}" = xyes
1883 then
1884 :
1885 else
1886 if test -f ${sampre}
1887 then
1888 echo "use existing ${sampre} for gpg checksum"
1889 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1890 if test "x$?" != "x0"; then
1891 :
1892 else
1893 mychk="${mychk0}"
1894 mychktest=yes
1895 fi
1896 fi
1897 fi
1898 done
1899 if test x${mychktest} = xno; then
1900 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1901 echo "-------------------------------------------------------------"
1902 echo " Your gpg binary does not support the TIGER192 checksum, "
1903 echo " and I cannot find an existing samhain binary to use instead."
1904 echo " You can:"
1905 echo " (a) run make to compile a samhain binary, then repeat"
1906 echo " ./configure and make"
1907 echo " (b) ignore the failure. The checksum of the gpg binary"
1908 echo " will not get compiled in, thus allowing an attacker"
1909 echo " to replace gpg with a trojan and subverting the gpg"
1910 echo " signature verification of configure and database files."
1911 echo "-------------------------------------------------------------"
1912 fi
1913 else
1914 mychk="${mychk0}"
1915 fi
1916 else
1917 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1918 fi
1919 fi
1920 AC_DEFINE(WITH_GPG)
1921 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1922 AC_SUBST(mygpg)
1923 fi
1924 ]
1925)
1926
1927dnl AC_ARG_WITH(pgp,
1928dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1929dnl [myppg="$withval"
1930dnl AC_DEFINE(WITH_PGP)
1931dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1932dnl ])
1933
1934AC_ARG_WITH(checksum,
1935 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1936 [
1937 if test "x${withval}" != "xno"; then
1938 if test "x${withval}" != "xyes"; then
1939 if test "x${mychk}" != "x"; then
1940 if test "x${mychk}" != "x${withval}"; then
1941 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1942 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1943 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1944 fi
1945 fi
1946 mychk="${withval}"
1947 else
1948 if test "x${mychk}" = "x"; then
1949 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1950 fi
1951 fi
1952 AC_DEFINE(HAVE_GPG_CHECKSUM)
1953 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1954 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1955 fi
1956 ],
1957 [
1958 if test "x${mygpg}" != "x"; then
1959 if test "x${mychk}" != "x"; then
1960 AC_DEFINE(HAVE_GPG_CHECKSUM)
1961 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1962 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1963 fi
1964 fi
1965 ]
1966)
1967
1968AC_ARG_WITH(fp,
1969 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1970 [
1971 if test "x${withval}" != "xno"; then
1972 if test "x${withval}" != "xyes"; then
1973 withval0=`echo ${withval} | sed 's% %%g'`
1974 echo "${withval0}" | \
1975 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1976 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1977 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1978 sh_len0=`expr ${sh_len} \- 1`
1979 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1980 then
1981 myfp="${withval0}"
1982 AC_DEFINE(USE_FINGERPRINT)
1983 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1984 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1985 else
1986 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1987 fi
1988 else
1989 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1990 fi
1991 fi
1992 ])
1993
1994
1995dnl
1996dnl MAIL OPTIONS
1997dnl
1998
1999AC_ARG_WITH(recipient,
2000 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2001 [
2002 withval0=`echo ${withval} | sed 's%,% %g'`
2003 for sh_item in ${withval0}
2004 do
2005 case ${sh_item} in
2006 *@localhost)
2007 ;;
2008 *@*.*)
2009 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2010 if test "x${sh_tmp}" != "x1"
2011 then
2012 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2013 fi
2014 ;;
2015 *)
2016 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2017 ;;
2018 esac
2019 done
2020 myrcp="$withval0"
2021 ],
2022 [myrcp="NULL"])
2023AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2024
2025
2026AC_ARG_WITH(sender,
2027 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2028 [
2029 mysender="${withval}"
2030 ],
2031 [
2032 mysender="daemon"
2033 ])
2034AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2035
2036
2037dnl
2038dnl PATHS
2039dnl
2040
2041AC_ARG_WITH(trusted,
2042 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2043 [
2044 sh_tmp_test=no
2045 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2046 for sh_tmp1 in ${sh_tmp}
2047 do
2048 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2049 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2050 if test "x${sh_tmp1}" = "x0"
2051 then
2052 sh_tmp_test=yes
2053 fi
2054 done
2055 if test "x${sh_tmp_test}" = "xno"
2056 then
2057 withval="0,${withval}"
2058 fi
2059 mytrust="${withval}"
2060 ],
2061 [mytrust="0"] )
2062AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2063AC_SUBST(mytrust)
2064
2065AC_ARG_WITH(tmp-dir,
2066 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2067 [
2068 if test "x${cross_compiling}" = xyes; then
2069 :
2070 else
2071 if test -d "${withval}"; then
2072 my_tmp_dir="$withval"
2073 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2074 else
2075 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2076 fi
2077 fi
2078 ]
2079)
2080
2081dnl
2082dnl PATH DEFAULTS
2083dnl
2084
2085if test "x${ac_prefix_set}" = xyes
2086then
2087 if test "x${exec_prefix}" = xNONE
2088 then
2089 exec_prefix="${prefix}"
2090 fi
2091
2092 if test "x${prefix}" = xOPT
2093 then
2094 tmp_sbindir="/opt/${install_name}/bin"
2095 tmp_sysconfdir="/etc/opt"
2096 tmp_mandir="/opt/${install_name}/man"
2097 tmp_localstatedir="/var/opt/${install_name}"
2098 elif test "x${prefix}" = xUSR
2099 then
2100 tmp_sbindir="/usr/sbin"
2101 tmp_sysconfdir="/etc"
2102 tmp_mandir="/usr/share/man"
2103 tmp_localstatedir="/var"
2104 else
2105 tmp_sbindir=`eval echo ${sbindir}`
2106 tmp_sysconfdir=`eval echo ${sysconfdir}`
2107 tmp_mandir=`eval echo ${mandir}`
2108 tmp_localstatedir=`eval echo ${localstatedir}`
2109 fi
2110else
2111 prefix=""
2112 if test "x${ac_exec_prefix_set}" = xyes
2113 then
2114 tmp_sbindir=`eval echo ${sbindir}`
2115 else
2116 tmp_sbindir="/usr/local/sbin"
2117 fi
2118 tmp_sysconfdir="/etc"
2119 # share/man -> man (FHS) 11.10.2002
2120 tmp_mandir="/usr/local/man"
2121 tmp_localstatedir="/var"
2122fi
2123
2124
2125if test "x${ac_sbindir_set}" = xyes
2126then
2127 :
2128else
2129 sbindir=`eval echo ${tmp_sbindir}`
2130fi
2131
2132
2133if test "x${ac_sysconfdir_set}" = xyes
2134then
2135 :
2136else
2137 sysconfdir=`eval echo ${tmp_sysconfdir}`
2138fi
2139
2140if test "x${ac_mandir_set}" = xyes
2141then
2142 :
2143else
2144 mandir=`eval echo ${tmp_mandir}`
2145fi
2146
2147if test "x${ac_localstatedir_set}" = xyes
2148then
2149 :
2150else
2151 localstatedir=`eval echo ${tmp_localstatedir}`
2152fi
2153
2154
2155
2156AC_ARG_WITH(config-file,
2157 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2158 [
2159 myconffile="${withval}"
2160 changequote(<<, >>)dnl
2161 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2162 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2163 myrpmconffile="${tmp}"
2164 changequote([, ])dnl
2165 ],
2166 [
2167 myconffile="${sysconfdir}/${install_name}rc"
2168 myrpmconffile="${myconffile}"
2169 ]
2170)
2171AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2172AC_SUBST(myconffile)
2173AC_SUBST(myrpmconffile)
2174
2175AC_ARG_WITH(log-file,
2176 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2177 [
2178 mylogfile="$withval"
2179 changequote(<<, >>)dnl
2180 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2181 changequote([, ])dnl
2182 ],
2183 [
2184 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2185 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2186 mylogdir="${localstatedir}/log/${install_name}"
2187 else
2188 mylogfile="${localstatedir}/log/${install_name}_log"
2189 mylogdir="${localstatedir}/log"
2190 fi
2191 ]
2192)
2193AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2194AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2195AC_SUBST(mylogfile)
2196AC_SUBST(mylogdir)
2197
2198AC_ARG_WITH(pid-file,
2199 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2200 [
2201 mylockfile="$withval"
2202 changequote(<<, >>)dnl
2203 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2204 changequote([, ])dnl
2205 ],
2206 [
2207 mylockfile="${localstatedir}/run/${install_name}.pid"
2208 mylockdir="${localstatedir}/run"
2209 ]
2210)
2211AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2212AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2213AC_SUBST(mylockfile)
2214AC_SUBST(mylockdir)
2215
2216AC_ARG_WITH(state-dir,
2217 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2218 [
2219 mydataroot="$withval"
2220 ],
2221 [
2222 mydataroot="${localstatedir}/lib/${install_name}"
2223 ]
2224 )
2225AC_ARG_WITH(data-file,
2226 [ --with-data-file=FILE set path of data file],
2227 [
2228 mydatafile="$withval"
2229 changequote(<<, >>)dnl
2230 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2231 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2232 myrpmdatafile="${tmp}"
2233 changequote([, ])dnl
2234 if test x"${tmp}" = x
2235 then
2236 echo "No local path in data file ${withval}"
2237 echo "This will not work for initializing the database."
2238 if test x"${withval}" = xREQ_FROM_SERVER
2239 then
2240 echo "It should be REQ_FROM_SERVER/some/local/path"
2241 fi
2242 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2243 fi
2244 ],
2245 [
2246 mydatafile="${mydataroot}/${install_name}_file"
2247 myrpmdatafile="${mydatafile}"
2248 ])
2249AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2250AC_SUBST(mydatafile)
2251AC_SUBST(myrpmdatafile)
2252
2253AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2254AC_SUBST(mydataroot)
2255
2256AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2257AC_SUBST(myqdir)
2258
2259
2260AC_ARG_WITH(html-file,
2261 [ --with-html-file=FILE set path of html file,],
2262 [
2263 myhtmlfile="$withval"
2264 ],
2265 [
2266 myhtmlfile="${mylogdir}/${install_name}.html"
2267 ])
2268AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2269AC_SUBST(myhtmlfile)
2270
2271
2272mydefargs=$ac_configure_args
2273# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2274# then
2275# mydefargs="--enable-static $mydefargs"
2276# fi
2277if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2278then
2279 mydefargs="--enable-base=${mykeybase} $mydefargs"
2280fi
2281AC_SUBST(mydefargs)
2282
2283
2284AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2285AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2286AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2287
2288AC_CONFIG_HEADER(config.h)
2289
2290AC_OUTPUT(
2291[
2292Makefile
2293samhain-install.sh
2294init/samhain.startLSB
2295init/samhain.startLinux
2296init/samhain.startGentoo
2297init/samhain.startFreeBSD
2298init/samhain.startSolaris
2299init/samhain.startHPUX
2300init/samhain.startIRIX
2301samhain.spec
2302rules.deb
2303rules.deb-light
2304hp_ux.psf
2305scripts/samhain.spec
2306scripts/redhat_i386.client.spec
2307scripts/samhain.ebuild
2308scripts/samhain.ebuild-light
2309scripts/samhainadmin.pl
2310scripts/check_samhain.pl
2311deploy.sh
2312],
2313[
2314echo timestamp > stamp-h
2315chmod +x samhain-install.sh
2316chmod +x scripts/samhainadmin.pl
2317chmod +x scripts/check_samhain.pl
2318]
2319)
2320
2321chmod +x deploy.sh
2322
2323if test "x${cross_compiling}" = xyes
2324then
2325
2326echo "--------------------------------------------------------------"
2327echo
2328echo "You are using a cross-compiler. The following system dependent"
2329echo "values may have been set to default values that may be"
2330echo "incorrect for your target system: "
2331echo
2332echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2333echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2334echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2335echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2336echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2337echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2338echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2339echo
2340echo "If these values are incorrect, change them in the file "
2341echo "config.cache and run configure again."
2342echo
2343echo "--------------------------------------------------------------"
2344
2345fi
2346
2347if test x${silent} != xyes
2348then
2349
2350 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2351 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2352 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2353 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2354 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2355 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2356
2357 echo
2358 echo " samhain has been configured as follows:"
2359 echo " System binaries: ${sbindir}"
2360 echo " Configuration file: ${myconffile}"
2361 echo " Manual pages: ${mandir}"
2362 echo " Data: ${mydataroot}"
2363 echo " PID file: ${mylockfile}"
2364 echo " Log file: ${mylogfile}"
2365 echo " Base key: ${mykeybase}"
2366 echo
2367 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2368 then
2369 echo " Selected rc file: yulerc"
2370 else
2371 echo " Selected rc file: samhainrc.${selectconfig}"
2372 fi
2373
2374fi
2375
Note: See TracBrowser for help on using the repository browser.