source: trunk/configure.ac@ 290

Last change on this file since 290 was 290, checked in by katerina, 14 years ago

Fixes for tickets #215, #216, #217, #218, version bumped to 2.7.2

File size: 76.1 KB
Line 
1dnl We want to override the standard _AC_INIT_PARSE_ARGS
2dnl
3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
5
6AC_INIT(src/samhain.c)
7
8
9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
10
11dnl
12dnl start
13dnl
14AM_INIT_AUTOMAKE(samhain, 2.7.2)
15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
32SH_PROG_LD
33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
35AC_SUBST(BUILD_CC)
36
37AC_HEADER_STDC
38dnl
39dnl first one is a dummy because of an autoconf bug
40dnl (no HAVE_... for first one)
41dnl
42AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
43
44
45AC_MSG_CHECKING([for OS specific issues])
46mydebugflag=no
47myneedg3=no
48uid_cast="signed long"
49selectconfig=linux
50mynetbsd=no
51sh_use_lcaps="undef"
52dnmalloc_ok=yes
53sh_use_pie=yes
54
55case "$host_os" in
56
57 *linux*)
58 sh_use_lcaps="yes"
59 AC_DEFINE(HOST_IS_LINUX)
60 AC_DEFINE(HAVE_EXT2_IOCTLS)
61 AC_MSG_RESULT([use ioctl to get e2fs flags])
62 case "$host_cpu" in
63 i*86*)
64 AC_DEFINE(HOST_IS_I86LINUX)
65 ;;
66 x86_64)
67 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
68 ;;
69 *)
70 ;;
71 esac
72 ;;
73
74 *osf*)
75 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
76 if test "x$GCC" != "xyes"; then
77 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
78 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
79 myneedg3=yes
80 AC_MSG_RESULT([compiler needs assume noaligned_objects])
81 else
82 AC_MSG_RESULT([none])
83 fi
84 ;;
85
86 *cygwin*)
87 AC_DEFINE(HOST_IS_CYGWIN)
88 dnmalloc_ok=no
89 AC_MSG_RESULT([no trusted paths and no dnmalloc])
90 ;;
91
92 *darwin*)
93 AC_DEFINE(HOST_IS_DARWIN)
94 dnmalloc_ok=no
95 AC_MSG_RESULT([check resource forks, no dnmalloc])
96 ;;
97
98 *freebsd7*)
99 AC_DEFINE(HOST_IS_FREEBSD)
100 selectconfig=freebsd
101 case "$host_cpu" in
102 amd64)
103 sh_use_pie=no
104 dnmalloc_ok=no
105 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
106 ;;
107 *)
108 AC_MSG_RESULT([none])
109 ;;
110 esac
111 ;;
112
113 *freebsd*)
114 AC_DEFINE(HOST_IS_FREEBSD)
115 selectconfig=freebsd
116 AC_MSG_RESULT([none])
117 ;;
118
119 *openbsd*)
120 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
121 selectconfig=freebsd
122 dnmalloc_ok=no
123 AC_MSG_RESULT([dnmalloc does not work with pthreads])
124 ;;
125
126 *netbsd*)
127 mynetbsd=yes
128 selectconfig=netbsd
129 AC_MSG_RESULT([bug with libresolve])
130 ;;
131
132 *solaris*)
133 selectconfig=solaris
134 AC_DEFINE(HOST_IS_SOLARIS)
135 case "$host_cpu" in
136 i*86)
137 AC_DEFINE(HOST_IS_I86SOLARIS)
138 AC_MSG_RESULT([vsnprintf prototype])
139 ;;
140 *)
141 AC_MSG_RESULT([none])
142 ;;
143 esac
144 if test "x$GCC" != "xyes"; then
145 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
146 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
147 fi
148 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
149 CFLAGS="$CFLAGS -xO2"
150 fi
151 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
152 CFLAGS="$CFLAGS -Xa"
153 fi
154 LIBS="-lc $LIBS"
155 fi
156 ;;
157
158
159 *sun*)
160 selectconfig=solaris
161 AC_DEFINE(HOST_IS_SOLARIS)
162 AC_MSG_RESULT([none])
163 ;;
164
165 *aix*)
166 AC_DEFINE(HOST_IS_AIX)
167 selectconfig=aix5.2.0
168 uid_cast="unsigned long"
169 if test "x$GCC" != "xyes"; then
170 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
171 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
172 fi
173 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
174 CFLAGS="$CFLAGS -O3"
175 fi
176 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
177 CFLAGS="$CFLAGS -qstrict"
178 fi
179 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
180 else
181 AC_MSG_RESULT([AIX size_t in the accept call])
182 fi
183 ;;
184
185 *hpux*)
186 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
187 AC_DEFINE(HOST_IS_HPUX)
188 if test "x$GCC" != "xyes"; then
189 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
190 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
191 fi
192 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
193 CFLAGS="$CFLAGS +O2"
194 fi
195 fi
196 ;;
197
198 *ultrix*)
199 AC_MSG_RESULT([ULTRIX getcwd uses popen])
200 AC_DEFINE(HAVE_BROKEN_GETCWD)
201 ;;
202
203 *)
204 AC_MSG_RESULT([none])
205 ;;
206esac
207
208AC_SUBST(selectconfig)
209AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
210
211
212
213dnl *****************************************
214dnl
215dnl checks for header files
216dnl
217dnl *****************************************
218
219AC_HEADER_DIRENT
220AC_HEADER_MAJOR
221AC_HEADER_TIME
222dnl used in minilzo.c
223AC_HEADER_STAT
224AC_DECL_SYS_SIGLIST
225
226AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
227 sys/mman.h sys/param.h sys/inotify.h \
228 sys/vfs.h mntent.h \
229 sys/select.h sys/socket.h netinet/in.h \
230 regex.h glob.h \
231 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
232 elf.h linux/elf.h \
233 paths.h arpa/nameser.h arpa/nameser_compat.h \
234 rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
235 [],
236 [],
237 [#include <sys/types.h>]
238)
239
240
241AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
242if test "x$sh_utmpx" = "xyes"; then
243 if cat "/usr/include/utmpx.h" 2>&5 |
244 egrep "WTMPX_FILE" >/dev/null 2>&1; then
245 AC_DEFINE(HAVE_UTMPX_H)
246 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
248 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
249 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
250 else
251 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
252 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
253 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
254 fi
255else
256 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
257 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
258fi
259
260dnl
261dnl figure out where acct.h lives
262dnl and whether fields are int/comp_t
263dnl
264dnl GNU Accounting Utilities
265dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
266dnl The GNU Accounting Utilities are free software; you can redistribute
267dnl them and/or modify them under the terms of the GNU General Public
268dnl License as published by the Free Software Foundation; either version
269dnl 2, or (at your option) any later version.
270dnl
271AC_CHECK_HEADER(sys/acct.h,
272 AC_DEFINE(HAVE_SYS_ACCT_H, ,
273 [Define if you have the <sys/acct.h> header file.])
274 AC_HEADER_EGREP(ac_utime, sys/acct.h,
275 AC_DEFINE(HAVE_ACUTIME, ,
276 [Define if <sys/acct.h> has the AC_UTIME field.])
277 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
278 AC_DEFINE(ACUTIME_COMPT, ,
279 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
280 )
281 AC_HEADER_EGREP(ac_stime, sys/acct.h,
282 AC_DEFINE(HAVE_ACSTIME, ,
283 [Define if <sys/acct.h> has the AC_STIME field.])
284 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
285 AC_DEFINE(ACSTIME_COMPT, ,
286 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
287 )
288 AC_HEADER_EGREP(ac_etime, sys/acct.h,
289 AC_DEFINE(HAVE_ACETIME, ,
290 [Define if <sys/acct.h> has the AC_ETIME field.])
291 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
292 AC_DEFINE(ACETIME_COMPT, ,
293 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
294 )
295 AC_HEADER_EGREP(ac_io, sys/acct.h,
296 AC_DEFINE(HAVE_ACIO, ,
297 [Define if <sys/acct.h> has the AC_IO field.])
298 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
299 AC_DEFINE(ACIO_COMPT, ,
300 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
301 )
302 AC_HEADER_EGREP(ac_mem, sys/acct.h,
303 AC_DEFINE(HAVE_ACMEM, ,
304 [Define if <sys/acct.h> has the AC_MEM field.])
305 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
306 AC_DEFINE(ACMEM_COMPT, ,
307 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
308 )
309 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
310 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
311 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
312 AC_DEFINE(HAVE_PAGING, ,
313 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
314 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
315 AC_DEFINE(ACMINFLT_COMPT, ,
316 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
317 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
318 AC_DEFINE(ACMAJFLT_COMPT, ,
319 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
320 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
321 AC_DEFINE(ACSWAPS_COMPT, ,
322 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
323 )
324 )
325 )
326 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
327 [Define if <sys/acct.h> uses the COMP_T type.]))
328 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
329 [Define if <sys/acct.h> has struct acct_v3.]))
330 )
331
332
333dnl need to check because AIX 4.2 does not have it
334dnl
335AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
336#ifdef HAVE_SYS_TYPES_H
337#include <sys/types.h>
338#endif
339#ifdef HAVE_SYS_STAT_H
340#include <sys/stat.h>
341#endif
342#ifdef HAVE_SYS_VFS_H
343#include <sys/vfs.h>
344#endif
345#ifdef HAVE_UNISTD_H
346#include <unistd.h>
347#endif
348])
349
350AC_SYS_LARGEFILE
351
352dnl
353dnl check whether _POSIX_SOURCE is required
354dnl
355SAMHAIN_POSIX
356
357
358dnl *****************************************
359dnl
360dnl Checks for library functions.
361dnl
362dnl *****************************************
363AC_FUNC_STRFTIME
364AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
365 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
366 seteuid setreuid setresuid lstat getwd getcwd ptrace \
367 usleep setpriority getpeereid nanosleep \
368 strptime basename sched_yield hasmntopt \
369 inet_aton gethostbyname setutent setrlimit gethostname uname \
370 initgroups getpagesize \
371 ttyname fchmod writev mmap tzset \
372 getsid getpriority getpgid statvfs \
373 strerror_r getgrgid_r getpwnam_r getpwuid_r \
374 gmtime_r localtime_r rand_r readdir_r strtok_r \
375 mincore posix_fadvise inotify_init1
376)
377AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
378SL_CHECK_VA_COPY
379AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
380AC_CHECK_MLOCK
381SH_STRFTIME_Z
382
383AC_MSG_CHECKING(how to get filesystem type)
384fstype=no
385# The order of these tests is important.
386AC_TRY_CPP([#include <sys/statvfs.h>
387#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
388if test $fstype = no; then
389AC_TRY_CPP([#include <sys/statfs.h>
390#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
391fi
392if test $fstype = no; then
393AC_TRY_CPP([#include <sys/statfs.h>
394#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
395fi
396if test $fstype = no; then
397AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
398fi
399if test $fstype = no; then
400AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
401fi
402if test $fstype = no; then
403AC_TRY_CPP([#include <sys/mount.h>
404#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
405fi
406AC_MSG_RESULT($fstype)
407
408sh_libsocket=
409
410dnl Solaris needs -lsocket and -lnsl. Unisys system includes
411dnl gethostbyname in libsocket but needs libnsl for socket.
412AC_CHECK_LIB(nsl, gethostbyname)
413AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
414if test x$ac_need_libsocket = x1; then
415 LIBS="$LIBS -lsocket"
416 sh_libsocket="-lsocket"
417fi
418if test x$ac_try_nsl = x1; then
419 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
420 if test x$ac_need_libnsl = x1
421 then
422 LIBS="$LIBS -lnsl"
423 fi
424fi
425AC_SUBST(sh_libsocket)
426
427AC_CHECK_LIB(socket, res_search, [
428 AC_CHECK_LIB(resolv, dn_skipname)
429 AC_CHECK_LIB(resolv, __dn_skipname)
430 if test x$ac_need_libsocket = x1; then
431 :
432 else
433 LIBS="$LIBS -lsocket"
434 fi
435 ], [
436 AC_CHECK_LIB(resolv, res_search, [
437 LIBS="$LIBS -lresolv"
438 ], [
439 AC_CHECK_LIB(resolv, dn_skipname)
440 AC_CHECK_LIB(resolv, __dn_skipname)
441 ])
442 ])
443
444dnl arguments for accept
445
446dnl check for Unix98 socklen_t (found on
447dnl xemacs-patches mailing list, written
448dnl by Martin Buchholz)
449dnl
450dnl On Darwin(MacOSX) socklen_t needs to be
451dnl an int (see accept man page), on all other
452dnl unix systems we need a size_t.
453
454AC_MSG_CHECKING(for socklen_t)
455AC_TRY_COMPILE([
456#ifdef HAVE_SYS_TYPES_H
457#include <sys/types.h>
458#endif
459#ifdef HAVE_SYS_SOCKET_H
460#include <sys/socket.h>
461#endif
462 socklen_t x;
463], [],[
464 AC_MSG_RESULT(yes)
465 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
466 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
467],[
468 AC_TRY_COMPILE([
469#ifdef HAVE_SYS_TYPES_H
470#include <sys/types.h>
471#endif
472#ifdef HAVE_SYS_SOCKET_H
473#include <sys/socket.h>
474#endif
475 int accept (int, struct sockaddr *, size_t *);
476 ],[],[
477 AC_MSG_RESULT(size_t)
478 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
479 ], [
480 AC_MSG_RESULT(int)
481 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
482 ]
483 )
484])
485
486dnl *****************************************
487dnl checks for extended attribute or ACL
488dnl support
489dnl *****************************************
490
491sh_CHECK_XATTR
492sh_CHECK_POSIX_ACL
493
494dnl *****************************************
495dnl checks for typedefs
496dnl *****************************************
497
498AC_C_LONG_DOUBLE
499SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
500SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
501SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
502if test "$sh_HAVE_LONG_LONG" = "yes"; then
503 AC_CHECK_SIZEOF(unsigned long long, 4)
504 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
505 if test "$sh_sizeof_unsigned_long_long" = "8"; then
506 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
507 fi
508fi
509
510AC_CHECK_TYPE(ptrdiff_t, long)
511AC_TYPE_SIZE_T
512AC_CHECK_SIZEOF(char *, 4)
513AC_CHECK_SIZEOF(size_t, 4)
514
515AC_CHECK_SIZEOF(unsigned long, 4)
516AC_CHECK_SIZEOF(unsigned int, 4)
517AC_CHECK_SIZEOF(unsigned short, 2)
518
519
520sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
521if test "$sh_sizeof_unsigned_long" = "4"; then
522 AC_DEFINE(HAVE_LONG_32)
523fi
524if test "$sh_sizeof_unsigned_long" = "8"; then
525 AC_DEFINE(HAVE_LONG_64)
526fi
527sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
528if test "$sh_sizeof_unsigned_int" = "4"; then
529 AC_DEFINE(HAVE_INT_32)
530fi
531sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
532if test "$sh_sizeof_unsigned_short" = "4"; then
533 AC_DEFINE(HAVE_SHORT_32)
534fi
535
536dnl
537dnl check for 64 bit programming environment
538dnl
539SAMHAIN_64
540
541
542dnl *****************************************
543dnl checks for structures
544dnl *****************************************
545
546AC_STRUCT_TM
547
548dnl
549dnl from e2fsprogs
550dnl
551AC_MSG_CHECKING(whether struct stat has a st_flags field)
552AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
553 AC_TRY_COMPILE([#include <sys/stat.h>],
554 [struct stat stat; stat.st_flags = 0;],
555 [e2fsprogs_cv_struct_st_flags=yes],
556 [e2fsprogs_cv_struct_st_flags=no]))
557AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
558if test "$e2fsprogs_cv_struct_st_flags" = yes; then
559 AC_MSG_CHECKING(whether st_flags field is useful)
560 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
561 AC_TRY_COMPILE([#include <sys/stat.h>],
562 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
563 [e2fsprogs_cv_struct_st_flags_immut=yes],
564 [e2fsprogs_cv_struct_st_flags_immut=no]))
565 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
566 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
567 AC_DEFINE(HAVE_STAT_FLAGS)
568 fi
569fi
570
571dnl
572dnl from dbus
573dnl
574AC_MSG_CHECKING(for struct cmsgcred)
575AC_TRY_COMPILE([
576#include <sys/types.h>
577#include <sys/socket.h>
578],[
579struct cmsgcred cred;
580
581cred.cmcred_pid = 0;
582],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
583AC_MSG_RESULT($sh_have_struct_cmsgcred)
584
585if test x$sh_have_struct_cmsgcred = xyes; then
586 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
587fi
588
589AC_MSG_CHECKING(for struct fcred)
590AC_TRY_COMPILE([
591#include <sys/param.h>
592#include <sys/socket.h>
593#include <sys/ucred.h>
594],[
595struct fcred sockcred;
596],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
597AC_MSG_RESULT($sh_have_struct_fcred)
598
599if test x$sh_have_struct_fcred = xyes; then
600 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
601fi
602
603AC_MSG_CHECKING(for struct sockcred)
604AC_TRY_COMPILE([
605#include <sys/param.h>
606#include <sys/socket.h>
607#include <sys/ucred.h>
608],[
609struct sockcred sockcred;
610],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
611AC_MSG_RESULT($sh_have_struct_sockcred)
612
613if test x$sh_have_struct_sockcred = xyes; then
614 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
615fi
616
617AC_MSG_CHECKING(for SO_PEERCRED)
618AC_TRY_COMPILE([
619#include <sys/types.h>
620#include <sys/socket.h>
621],[
622int test = SO_PEERCRED;
623],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
624AC_MSG_RESULT($sh_have_SO_PEERCRED)
625
626if test x$sh_have_SO_PEERCRED = xyes; then
627 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
628fi
629
630
631dnl *****************************************
632dnl checks for compiler characteristics
633dnl *****************************************
634AC_C_INLINE
635AC_C_CONST
636AC_C_BIGENDIAN
637AC_C_RESTRICT
638
639AM_SA_SIGACTION_WORKS
640
641AC_ARG_ENABLE(ssp,
642 [ --disable-ssp disable the GCC stack protector],
643 [],
644 [enable_ssp=yes;]
645)
646
647if test "x$GCC" = "xyes"; then
648
649 if test x"${enable_ssp}" = xno; then
650 :
651 else
652 GCC_STACK_PROTECT_LIB
653 GCC_STACK_PROTECT_CC
654dnl GCC_STACK_CHECK_CC
655 GCC_PIE_CC
656 fi
657
658fi
659
660dnl *****************************************
661dnl
662dnl checks for system services
663dnl
664dnl *****************************************
665
666dnl
667dnl check for /proc filesystem
668dnl
669if test -d "/proc/$$"
670then
671 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
672fi
673
674dnl
675dnl check for GNU gmp
676dnl
677AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
678if test "x${sh_have_gmp}" = xno
679then
680 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
681fi
682if test "x${sh_have_gmp}" = xyes
683then
684 # LIBS="-lgmp $LIBS"
685 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
686fi
687AC_CHECK_HEADERS(gmp.h)
688
689AC_MSG_CHECKING([for ps])
690PS=
691for ff in /usr/ucb /bin /usr/bin; do
692 if test -x "$ff/ps"; then
693 PS="$ff/ps"
694 AC_MSG_RESULT([$PS])
695 break
696 fi
697done
698if test x$PS = x
699then
700 AC_MSG_RESULT([no])
701 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
702fi
703AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
704
705AC_MSG_CHECKING([how to use ps])
706$PS ax >/dev/null 2>&1
707if test $? -eq 0; then
708 case "$host_os" in
709 *openbsd*)
710 one=`$PS akx | wc -l`
711 ;;
712 *)
713 one=`$PS ax | wc -l`
714 ;;
715 esac
716else
717 one=0
718fi
719$PS -e >/dev/null 2>&1
720if test $? -eq 0; then
721 two=`$PS -e | wc -l`
722else
723 two=0
724fi
725if test $one -ge $two
726then
727 case "$host_os" in
728 *openbsd*)
729 PSARG="akx"
730 ;;
731 *)
732 PSARG="ax"
733 ;;
734 esac
735else
736 PSARG="-e"
737fi
738AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
739AC_MSG_RESULT([$PS $PSARG])
740
741dnl *****************************************
742dnl
743dnl enable features
744dnl
745dnl *****************************************
746
747AC_ARG_ENABLE(db-reload,
748 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
749 [
750 if test "x${enable_db_reload}" = xyes; then
751 AC_DEFINE(RELOAD_DATABASE)
752 fi
753 ]
754)
755
756AC_ARG_ENABLE(xml-log,
757 [ --enable-xml-log enable XML logfile format [[no]]],
758 [
759 if test "x${enable_xml_log}" = xyes; then
760 AC_DEFINE(SH_USE_XML)
761 fi
762 ]
763)
764
765
766AC_ARG_ENABLE(mail,
767 [ --disable-mail disable the internal SMTP mailer],
768 [
769 if test "x${enable_mail}" = xno; then
770 :
771 else
772 AC_DEFINE(SH_WITH_MAIL)
773 fi
774 ],
775 [AC_DEFINE(SH_WITH_MAIL)]
776)
777
778AC_ARG_ENABLE(external-scripts,
779 [ --disable-external-scripts disable interface to external scripts],
780 [
781 if test "x${enableval}" = xno; then
782 :
783 else
784 AC_DEFINE(WITH_EXTERNAL)
785 fi
786 ],
787 [AC_DEFINE(WITH_EXTERNAL)]
788)
789
790AC_ARG_ENABLE(message-queue,
791 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
792 [
793 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
794 if test "x${enable_message_queue}" = xyes; then
795 AC_DEFINE(WITH_MESSAGE_QUEUE)
796 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
797 elif test "x${enable_message_queue}" != xno; then
798 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
799 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
800 echo "${enableval}" | \
801 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
802 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
803 AC_DEFINE(WITH_MESSAGE_QUEUE)
804 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
805 fi
806 else
807 echo
808 echo "**********************************************"
809 echo
810 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
811 echo
812 echo "**********************************************"
813 echo
814 fi
815 ]
816)
817
818AC_ARG_WITH(cflags,
819 [ --with-cflags additional flags to pass to compiler],
820 [
821 if test "x$withval" != "xno" ; then
822 CFLAGS="$CFLAGS $withval"
823 fi
824 ]
825)
826AC_ARG_WITH(libs,
827 [ --with-libs additional libraries to link with],
828 [
829 if test "x$withval" != "xno" ; then
830 LIBS="$LIBS $withval"
831 fi
832 ]
833)
834
835
836#
837# this is from ssh
838#
839AC_MSG_CHECKING(whether to use libwrap)
840LIBWRAP_LIB=""
841LIBWRAP_INC=""
842AC_ARG_WITH(libwrap,
843[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
844[ AC_MSG_RESULT($withval)
845 case "$withval" in
846 no)
847 ;;
848 ""|yes)
849 LIBWRAP_LIB="-lwrap"
850 ;;
851 *)
852 if test -d "$withval"; then
853 LIBWRAP_LIB="-L$withval -lwrap"
854 changequote(<<, >>)dnl
855 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
856 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
857 changequote([, ])dnl
858 else
859 LIBWRAP_LIB="-lwrap"
860 changequote(<<, >>)dnl
861 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
862 LIBWRAP_INC="-I${sh_libwrap_inc}"
863 changequote([, ])dnl
864 fi
865 ;;
866 esac
867 if test -n "$LIBWRAP_LIB"; then
868 # OLDLIBS="$LIBS"
869 LIBS="$LIBWRAP_LIB $LIBS"
870 # OLDCFLAGS="$CFLAGS"
871 CFLAGS="$CFLAGS $LIBWRAP_INC"
872 AC_CHECK_HEADER(tcpd.h,
873 [],
874 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
875 AC_TRY_LINK([ #include <tcpd.h>
876 int allow_severity; int deny_severity; ],
877 [ hosts_access((struct request_info *) 0); ],
878 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
879 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
880 fi ],
881 AC_MSG_RESULT(no)
882)
883
884
885dnl
886dnl NETWORK OPTIONS
887dnl
888AC_ARG_ENABLE(network,
889 [ --enable-network=[[client|server]] compile client or server [[no]]],
890 [
891 if test "x$enable_network" = xclient; then
892 mytclient="-DSH_WITH_CLIENT"
893 yulectl_prg=
894 setpwd_prg="samhain_setpwd"
895 sh_main_prg="samhain"
896 if test "x${sh_have_gmp}" = xyes
897 then
898 LIBS="-lgmp $LIBS"
899 fi
900dnl AC_CHECK_HEADER(sys/capability.h,
901dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
902dnl [sh_use_lcaps="no"])
903 elif test "x$enable_network" = xserver; then
904 mytclient="-DSH_WITH_SERVER"
905 yulectl_prg="yulectl"
906 setpwd_prg="samhain_setpwd"
907 sh_main_prg="yule"
908 if test "x${sh_have_gmp}" = xyes
909 then
910 LIBS="-lgmp $LIBS"
911 fi
912 sh_use_lcaps="undef"
913 elif test "x$enable_network" = xno; then
914 mytclient="-DSH_STANDALONE"
915 yulectl_prg=
916 setpwd_prg=
917 sh_main_prg="samhain"
918dnl AC_CHECK_HEADER(sys/capability.h,
919dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
920dnl [sh_use_lcaps="no"])
921 else
922 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
923 fi
924 ],
925 [
926 mytclient="-DSH_STANDALONE"
927 setpwd_prg=
928 yulectl_prg=
929 sh_main_prg="samhain"
930dnl AC_CHECK_HEADER(sys/capability.h,
931dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
932dnl [sh_use_lcaps="no"])
933 ],
934)
935
936AC_SUBST(setpwd_prg)
937AC_SUBST(yulectl_prg)
938AC_SUBST(sh_main_prg)
939AC_SUBST(mytclient)
940
941# needed for the rpm spec
942clmytclient=`echo ${mytclient} | sed s%\-%%`
943AC_SUBST(clmytclient)
944
945sh_no_gcc_static=no
946
947AC_ARG_ENABLE(static,
948 [ --enable-static enable static linking [[no]]],
949 [
950 if test x$enable_static = xyes; then
951 if test x"$mynetbsd" = xyes
952 then
953 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
954 LIBS="${tmp_LIBS}"
955 fi
956 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
957 if test "x$GCC" = "xyes"; then
958 sh_no_gcc_static=no
959 LDFLAGS="$LDFLAGS -static"
960 else
961 sh_no_gcc_static=yes
962 case "$host_os" in
963
964 *aix*)
965 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
966 ;;
967
968 *hpux*)
969 LDFLAGS="$LDFLAGS -Wl,-a,archive"
970 ;;
971
972 *osf*)
973 LDFLAGS="$LDFLAGS -non_shared"
974 ;;
975
976 *irix*)
977 LDFLAGS="$LDFLAGS -non_shared"
978 ;;
979
980 *sco*)
981 LDFLAGS="$LDFLAGS -dn"
982 ;;
983
984 *sun*)
985 LDFLAGS="$LDFLAGS -Bstatic"
986 ;;
987
988 *solaris*)
989 LDFLAGS="$LDFLAGS -Bstatic"
990 ;;
991
992 *)
993 echo "***********************************************"
994 echo "*"
995 echo "* Don't know how to enable static linking"
996 echo "* with your compiler. Please set the environment"
997 echo "* variable LDFLAGS to:"
998 echo "* ${LDFLAGS} + the static linking flag"
999 echo "* and run configure again"
1000 echo "*"
1001 echo "***********************************************"
1002 ;;
1003
1004 esac
1005 fi
1006 fi
1007 ]
1008)
1009
1010if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1011then
1012dnl For threaded modules
1013 ACX_PTHREAD
1014 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1015 LIBS="$PTHREAD_LIBS $LIBS"
1016 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
1017 CC="$PTHREAD_CC"
1018dnl For MODI_TXT
1019 CHECK_ZLIB()
1020fi
1021
1022if test x$enable_static = xyes; then
1023 :
1024else
1025 if test x$sh_use_pie = xyes; then
1026 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1027 CFLAGS="$CFLAGS $PIE_CFLAGS"
1028 fi
1029fi
1030
1031
1032#
1033# this is from the snort configure.in
1034#
1035AC_DEFUN(FAIL_MESSAGE,[
1036 echo
1037 echo
1038 echo "**********************************************"
1039 echo " ERROR: unable to find" $1
1040 echo " checked in the following places"
1041 for i in `echo $2`; do
1042 echo " $i"
1043 done
1044 echo "**********************************************"
1045 echo
1046 exit
1047])
1048
1049AC_ARG_WITH(libprelude-prefix,
1050 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
1051 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1052
1053AC_MSG_CHECKING(whether to use prelude)
1054AC_ARG_WITH(prelude,
1055 [ --with-prelude Prelude IDS support [[no]]],
1056 [
1057 if test "x${withval}" = "xno"; then
1058 AC_MSG_RESULT(no)
1059 else
1060 AC_MSG_RESULT(yes)
1061 if test x$libprelude_config_prefix != x ; then
1062 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1063 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1064 fi
1065 fi
1066
1067 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1068 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1069 HAVE_PRELUDE_CONFIG=no
1070 else
1071 HAVE_PRELUDE_CONFIG=yes
1072 fi
1073dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1074 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1075 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1076 case "$sh_libprelude_version" in
1077 0.8*)
1078 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
1079 ;;
1080 *)
1081 AM_PATH_LIBPRELUDE([0.9.6],
1082 [
1083 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1084 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1085 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1086 LIBS="$LIBS $LIBPRELUDE_LIBS"
1087 ],
1088 [
1089 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
1090 ])
1091 ;;
1092 esac
1093 else
1094 AC_MSG_ERROR([Could not find libprelude-config.])
1095 fi
1096 fi
1097 ],
1098 [
1099 AC_MSG_RESULT(no)
1100 ]
1101)
1102
1103#
1104# partly based on the snort configure.in
1105#
1106AC_ARG_WITH(database,
1107 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1108 [
1109 if test x"$enable_xml_log" != xyes; then
1110 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
1111 fi
1112 if test "x${withval}" = "xmysql"; then
1113 if test "x$zlib_found" = "x"
1114 then
1115 CHECK_ZLIB()
1116 fi
1117 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1118 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1119 sh_mysql_libs="`mysql_config --libs`"
1120 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1121 LIBS="$LIBS ${sh_mysql_libs}"
1122 sh_mysql_cflags="`mysql_config --cflags`"
1123 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1124 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1125 else
1126 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
1127 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1128
1129 for i in $mysql_directory; do
1130 if test -r $i/include/mysql/mysql.h; then
1131 MYSQL_DIR=$i
1132 MYSQL_INC_DIR=$i/include
1133 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1134 fi
1135 done
1136 if test -z "$MYSQL_DIR"; then
1137 for i in $mysql_directory; do
1138 if test -r $i/include/mysql.h; then
1139 MYSQL_DIR=$i
1140 MYSQL_INC_DIR=$i/include
1141 fi
1142 done
1143 fi
1144
1145 if test -z "$MYSQL_DIR"; then
1146 tmp=""
1147 for i in $mysql_directory; do
1148 tmp="$tmp $i/include $i/include/mysql"
1149 done
1150 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1151 fi
1152
1153 for i in lib lib/mysql; do
1154 str="$MYSQL_DIR/$i/libmysqlclient.*"
1155 for j in `echo $str`; do
1156 if test -r $j; then
1157 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1158 break 2
1159 fi
1160 done
1161 done
1162
1163 if test -z "$MYSQL_LIB_DIR"; then
1164 for ff in $mysql_directory; do
1165 for i in lib lib/mysql; do
1166 str="$ff/$i/libmysqlclient.*"
1167 for j in `echo $str`; do
1168 if test -r $j; then
1169 MYSQL_LIB_DIR="$ff/$i"
1170 break 3
1171 fi
1172 done
1173 done
1174 done
1175 fi
1176
1177 if test -z "$MYSQL_LIB_DIR"; then
1178 tmp=""
1179 for i in $mysql_directory; do
1180 tmp="$i/lib $i/lib/mysql"
1181 done
1182 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1183 fi
1184
1185 AC_MSG_RESULT(yes)
1186 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1187 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1188 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1189 fi
1190 AC_DEFINE(WITH_MYSQL)
1191 AC_DEFINE(WITH_DATABASE)
1192 if test "x$zlib_found" = "xyes"
1193 then
1194 LIBS="$LIBS -lz -lm"
1195 else
1196 echo
1197
1198 echo " Mysql library was not found or not useable."
1199 echo " Possible reasons include:"
1200 echo " - an old, incompatible version compiled from source"
1201 echo " - on Solaris, libmysql is compiled with the Solaris"
1202 echo " compiler, thus the mysql_config script provides"
1203 echo " compiler options unsuitable for gcc (move"
1204 echo " mysql_config out of your PATH)"
1205 echo " For other problems, check config.log for the error"
1206 echo " message from the compiler."
1207 echo
1208 echo " If your mysql libraries are installed in an"
1209 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
1210 echo " where libdirectory is the directory holding libmysql."
1211 if test x"$enable_static" = xyes; then
1212 echo " Note that for compiling a static binary, you need"
1213 echo " the static libraries, rather than the shared ones."
1214 fi
1215 echo
1216 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
1217 fi
1218 AC_CHECK_HEADERS(mysql/mysql.h)
1219 elif test "x${withval}" = "xpostgresql"; then
1220 AC_DEFINE(WITH_POSTGRES)
1221 AC_DEFINE(WITH_DATABASE)
1222 #
1223 PGCONF="no"
1224 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1225 OLD_IFS="$IFS"
1226 IFS=":"
1227 for ff in ${MY_PATH}
1228 do
1229 if test -f "$ff/pg_config"
1230 then
1231 PGCONF="$ff/pg_config"
1232 fi
1233 done
1234 IFS="${OLD_IFS}"
1235 #
1236 #
1237 if test "x${PGCONF}" = "xno"
1238 then
1239 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1240 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1241 for i in $pgsql_directory; do
1242 if test -r $i/include/pgsql/libpq-fe.h; then
1243 PGSQL_INC_DIR=$i/include
1244 PGSQL_DIR=$i
1245 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1246 fi
1247 done
1248 if test -z "$PGSQL_DIR"; then
1249 for i in $pgsql_directory; do
1250 if test -r $i/include/postgresql/libpq-fe.h; then
1251 PGSQL_INC_DIR=$i/include
1252 PGSQL_DIR=$i
1253 fi
1254 done
1255 fi
1256 if test -z "$PGSQL_DIR"; then
1257 for i in $pgsql_directory; do
1258 if test -r $i/include/libpq-fe.h; then
1259 PGSQL_INC_DIR=$i/include
1260 PGSQL_DIR=$i
1261 fi
1262 done
1263 fi
1264
1265 if test -z "$PGSQL_DIR"; then
1266 tmp=""
1267 for i in $pgsql_directory; do
1268 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
1269 done
1270 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1271 fi
1272
1273 for i in lib lib/pgsql lib/postgresql; do
1274 str="$PGSQL_DIR/$i/libpq.*"
1275 for j in `echo $str`; do
1276 if test -r $j; then
1277 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1278 break 2
1279 fi
1280 done
1281 done
1282
1283 if test -z "$PGSQL_LIB_DIR"; then
1284 for ff in $pgsql_directory; do
1285 for i in lib lib/pgsql lib/postgresql; do
1286 str="$ff/$i/libpq.*"
1287 for j in `echo $str`; do
1288 if test -r $j; then
1289 PGSQL_LIB_DIR="$ff/$i"
1290 break 3
1291 fi
1292 done
1293 done
1294 done
1295 fi
1296
1297 if test -z "$PGSQL_LIB_DIR"; then
1298 tmp=""
1299 for i in $pgsql_directory; do
1300 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
1301 done
1302 FAIL_MESSAGE("postgresql library libpq", $tmp)
1303 fi
1304
1305 AC_MSG_RESULT(yes)
1306
1307 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1308 if test x"$enable_static" = xyes; then
1309 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1310 else
1311 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1312 fi
1313 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1314 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1315 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1316 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
1317 else
1318 pg_lib_dir=`${PGCONF} --libdir`
1319 if test x"$enable_static" = xyes; then
1320 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1321 else
1322 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1323 fi
1324 pg_inc_dir=`${PGCONF} --includedir`
1325 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1326 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1327 fi
1328 elif test "x${withval}" = "xodbc"; then
1329 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1330 odbc_directory="/usr /usr/local"
1331
1332 for i in $odbc_directory; do
1333 if test -r $i/include/sql.h; then
1334 if test -r $i/include/sqlext.h; then
1335 if test -r $i/include/sqltypes.h; then
1336 ODBC_DIR=$i
1337 ODBC_INC_DIR=$i/include
1338 fi
1339 fi
1340 fi
1341 done
1342
1343 if test -z "$ODBC_DIR"; then
1344 tmp=""
1345 for i in $odbc_directory; do
1346 tmp="$tmp $i/include"
1347 done
1348 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1349 fi
1350
1351 str="$ODBC_DIR/lib/libodbc.*"
1352 for j in `echo $str`; do
1353 if test -r $j; then
1354 ODBC_LIB_DIR="$ODBC_DIR/lib"
1355 ODBC_LIB="odbc"
1356 fi
1357 done
1358
1359 if test -z "$ODBC_LIB_DIR"; then
1360 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1361 fi
1362
1363 AC_MSG_RESULT(yes)
1364 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1365 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1366 AC_DEFINE(WITH_ODBC)
1367 AC_DEFINE(WITH_DATABASE)
1368
1369 elif test "x${withval}" = "xoracle"; then
1370 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1371 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1372 for i in $oracle_directory; do
1373 if test -r $i/rdbms/demo/oci.h; then
1374 ORACLE_DIR=$i
1375 fi
1376 done
1377
1378 if test -z "$ORACLE_DIR"; then
1379 tmp=""
1380 for i in $oracle_directory; do
1381 tmp="$tmp $i/rdbms/demo"
1382 done
1383 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1384 else
1385 for i in rdbms/demo rdbms/public network/public; do
1386 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1387 done
1388 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1389 AC_MSG_RESULT(yes)
1390
1391 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1392
1393 ORACLE_LIBS="-lclntsh"
1394 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1395 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1396 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1397 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1398 fi
1399 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1400 if test "x$GCC" != "xyes"; then
1401 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1402 fi
1403 fi
1404 AC_DEFINE(WITH_ORACLE)
1405 AC_DEFINE(WITH_DATABASE)
1406
1407 else
1408 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
1409 fi
1410 ]
1411)
1412
1413AC_ARG_WITH(console,
1414 [ --with-console=PATH set path to console device [[/dev/console]]],
1415 [
1416 if test "x${withval}" != xno; then
1417 mycons="$withval"
1418 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1419 fi
1420 ])
1421
1422AC_ARG_WITH(altconsole,
1423 [ --with-altconsole=PATH set path to second console device [[none]]],
1424 [
1425 if test "x${withval}" != xno; then
1426 myaltcons="$withval"
1427 else
1428 myaltcons="NULL"
1429 fi
1430 ],
1431 [myaltcons="NULL"])
1432AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1433
1434AC_ARG_WITH(timeserver,
1435 [ --with-timeserver=HOST set host address for time server [[none]]],
1436 [
1437 if test "x${withval}" != xno; then
1438 mytimeserv="$withval"
1439 AC_DEFINE(HAVE_NTIME)
1440 else
1441 mytimeserv="NULL"
1442 fi
1443 ],
1444 mytimeserv="NULL")
1445AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1446
1447AC_ARG_WITH(alttimeserver,
1448 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1449 [
1450 if test "x${withval}" != xno; then
1451 myalttimeserv="$withval"
1452 AC_DEFINE(HAVE_NTIME)
1453 else
1454 myalttimeserv="NULL"
1455 fi
1456 ],
1457 myalttimeserv="NULL")
1458AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1459
1460AC_ARG_ENABLE(login-watch,
1461 [ --enable-login-watch watch for login/logout [[no]]],
1462 [
1463 if test "x${enable_login_watch}" = xyes; then
1464 AC_DEFINE(SH_USE_UTMP)
1465 fi
1466 ]
1467)
1468
1469AC_ARG_ENABLE(mounts-check,
1470 [ --enable-mounts-check check mount options on filesystems [[no]]],
1471 [
1472 if test "x${enable_mounts_check}" = xyes; then
1473 AC_DEFINE(SH_USE_MOUNTS)
1474 fi
1475 ]
1476)
1477
1478AC_ARG_ENABLE(logfile-monitor,
1479 [ --enable-logfile-monitor monitor logfiles [[no]]],
1480 [
1481 if test "x${enable_logfile_monitor}" = xyes; then
1482 AC_CHECK_HEADER(pcre.h,
1483 [
1484 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1485 LIBS="-lpcre $LIBS"
1486 ],
1487 [
1488 AC_CHECK_HEADER(pcre/pcre.h,
1489 [
1490 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1491 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1492 LIBS="-lpcre $LIBS"
1493 ],
1494 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1495 )
1496 ]
1497 )
1498 AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1499 AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1500 ], [
1501 AC_MSG_WARN([pcre_dfa_exec not available])
1502 ])
1503 fi
1504 ]
1505)
1506
1507
1508AC_ARG_ENABLE(process-check,
1509 [ --enable-process-check check processes [[no]]],
1510 [
1511 if test "x${enable_process_check}" = xyes; then
1512 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1513 if test x"$sh_lrt" = xyes; then
1514 LIBRT=-lrt
1515 else
1516 LIBRT=
1517 fi
1518 LIBS="$LIBS $LIBRT"
1519 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1520 fi
1521 ]
1522)
1523
1524AC_ARG_ENABLE(port-check,
1525 [ --enable-port-check check ports [[no]]],
1526 [
1527 if test "x${enable_port_check}" = xyes; then
1528 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1529 fi
1530 ]
1531)
1532
1533AC_ARG_ENABLE(userfiles,
1534 [ --enable-userfiles check for users' config files [[no]]],
1535 [
1536 if test "x${enableval}" = "xyes"; then
1537 AC_DEFINE(SH_USE_USERFILES)
1538 fi
1539 ]
1540)
1541
1542AC_ARG_ENABLE(debug,
1543 [ --enable-debug enable debug options [[no]]],
1544 [
1545 if test "x${enable_debug}" = "xyes"; then
1546 if test "x${mydebugflag}" != "xyes"; then
1547 AC_DEFINE(MEM_DEBUG)
1548 fi
1549 AC_DEFINE(WITH_TPT)
1550 AC_DEFINE(SL_DEBUG)
1551 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1552 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
1553 AC_DEFINE(SL_FAIL_ON_ERROR)
1554 if test "x${myneedg3}" = "xyes"; then
1555 mydebugdef="-g3"
1556 else
1557 mydebugdef="-g"
1558 fi
1559 mydebugit="yes"
1560 fi
1561 ]
1562)
1563AC_SUBST(mydebugdef)
1564
1565if test "x${dnmalloc_ok}" = "xyes"; then
1566 sh_dnmalloc_enabled=yes
1567else
1568 sh_dnmalloc_enabled=no
1569fi
1570
1571AC_ARG_ENABLE(dnmalloc,
1572 [ --disable-dnmalloc disable dnmalloc],
1573 [
1574 if test "x${enable_dnmalloc}" = xno; then
1575 sh_dnmalloc_enabled=no
1576 else
1577 sh_dnmalloc_enabled=yes
1578 fi
1579 ]
1580)
1581
1582dnl Handle the problem that static linking against libc.a on Linux
1583dnl produces the error "multiple definitions of malloc"
1584dnl
1585if test "x$sh_dnmalloc_enabled" = "xyes"; then
1586 if test x$enable_static = xyes; then
1587 if test "x$sh_no_gcc_static" = "xyes"; then
1588 sh_dnmalloc_enabled=no
1589 else
1590 if test "x$with_gnu_ld" = "xyes"; then
1591 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1592 else
1593 sh_dnmalloc_enabled=no
1594 fi
1595 fi
1596 fi
1597fi
1598
1599if test "x${sh_dnmalloc_enabled}" = xno; then
1600 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1601fi
1602
1603AC_ARG_ENABLE(ptrace,
1604 [ --enable-ptrace use anti-debugger options [[no]]],
1605 [
1606 if test "x${enable_ptrace}" = xyes; then
1607 if test "x$mydebugit" != "xyes"; then
1608 AC_DEFINE(SCREW_IT_UP)
1609 fi
1610 fi
1611 ]
1612)
1613
1614dnl
1615if test "x$GCC" = "xyes"; then
1616 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1617 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1618 fi
1619
1620dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1621dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1622dnl fi
1623
1624 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1625 CFLAGS="$CFLAGS -Wall -W "
1626 fi
1627
1628 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1629 then
1630 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1631 then
1632 CFLAGS="$CFLAGS -fno-strength-reduce"
1633 fi
1634 fi
1635
1636 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1637 then
1638 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1639 then
1640 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1641 fi
1642 fi
1643
1644fi
1645
1646dnl Test whether gcc supports -Wno-empty-body
1647dnl Suppresses warnings from glibc pthread_cleanup_pop
1648dnl
1649GCC_WEMPTY_BODY
1650
1651AC_MSG_CHECKING([which random module to use])
1652AC_ARG_WITH(rnd,
1653 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1654[use_static_rnd=$withval], [use_static_rnd=default] )
1655
1656if test "$use_static_rnd" = no; then
1657 use_static_rnd=default
1658fi
1659
1660case "$use_static_rnd" in
1661 egd | dev | unix | default )
1662 AC_MSG_RESULT($use_static_rnd)
1663 ;;
1664 * )
1665 AC_MSG_RESULT([invalid argument])
1666 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
1667 ;;
1668esac
1669
1670AC_ARG_WITH(egd-socket,
1671 [ --with-egd-socket=NAME EGD socket name],
1672 egd_socket_name="$withval", egd_socket_name="" )
1673AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1674
1675dnl
1676dnl See whether the user wants to disable checking for /dev/random
1677
1678try_dev_random=yes
1679
1680case "$use_static_rnd" in
1681dev | default )
1682 try_dev_random=yes
1683 ;;
1684egd)
1685 AC_DEFINE(HAVE_EGD_RANDOM)
1686 try_dev_random=no
1687 ;;
1688unix)
1689 AC_DEFINE(HAVE_UNIX_RANDOM)
1690 try_dev_random=no
1691 ;;
1692esac
1693
1694
1695if test "x$try_dev_random" = "xyes"; then
1696 AC_MSG_CHECKING(whether /dev/random exists)
1697 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1698 AC_DEFINE(HAVE_URANDOM)
1699 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1700 AC_MSG_RESULT(yes)
1701 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1702 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1703 fi
1704 else
1705 if test -r "/dev/random" && test -c "/dev/random"; then
1706 AC_DEFINE(HAVE_URANDOM)
1707 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1708 AC_MSG_RESULT(yes)
1709 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1710 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1711 fi
1712 else
1713 AC_MSG_RESULT(no)
1714 AC_DEFINE(HAVE_UNIX_RANDOM)
1715 fi
1716 fi
1717fi
1718
1719
1720AC_ARG_ENABLE(udp,
1721 [ --enable-udp server can listen on port 514/udp [[no]]],
1722 [
1723 if test "x${enable_udp}" = xyes; then
1724 AC_DEFINE(INET_SYSLOG)
1725 fi
1726 ]
1727)
1728
1729myencrypt=yes
1730AC_ARG_ENABLE(encrypt,
1731 [ --disable-encrypt disable client/server encryption],
1732 [
1733 if test "x${enable_encrypt}" = xno; then
1734 myencrypt=no
1735 elif test "x${enable_encrypt}" = "x1"; then
1736 myencrypt=1
1737 fi
1738 ]
1739)
1740if test "x${myencrypt}" = "xyes"; then
1741 AC_DEFINE(SH_ENCRYPT)
1742 AC_DEFINE(SH_ENCRYPT_2)
1743elif test "x${myencrypt}" = "x1"; then
1744 AC_DEFINE(SH_ENCRYPT)
1745fi
1746
1747sh_use_srp_proto=yes
1748AC_ARG_ENABLE(srp,
1749 [ --disable-srp disable SRP for authentication],
1750 [
1751 if test "x${enable_srp}" = xno; then
1752 sh_use_srp_proto=no
1753 fi
1754 ]
1755)
1756if test "x${sh_use_srp_proto}" = xyes; then
1757 AC_DEFINE(USE_SRP_PROTOCOL)
1758fi
1759
1760AC_ARG_WITH(port,
1761 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1762 [
1763 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1764 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
1765 myport=${withval}
1766 ],
1767 [myport="49777"])
1768AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1769AC_SUBST(myport)
1770
1771AC_ARG_WITH(logserver,
1772 [ --with-logserver=HOST set host address for log server [[none]]],
1773 [
1774 case "$withval" in
1775 *.* | localhost)
1776 mylogsrv="$withval"
1777 ;;
1778 *)
1779 mylogsrv="$withval"
1780 ;;
1781 esac
1782 ],
1783 [mylogsrv="NULL"])
1784AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1785AC_SUBST(mylogsrv)
1786
1787AC_ARG_WITH(altlogserver,
1788 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1789 [
1790 case "$withval" in
1791 *.* | localhost)
1792 myaltlogsrv="$withval"
1793 ;;
1794 *)
1795 myaltlogsrv="$withval"
1796 ;;
1797 esac
1798 ],
1799 [myaltlogsrv="NULL"])
1800AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1801
1802
1803
1804dnl
1805dnl STEALTH OPTIONS
1806dnl
1807nocl_code=
1808xor_code=0
1809AC_ARG_ENABLE(nocl,
1810 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1811 [
1812 if test "x${enableval}" != "x"; then
1813 AC_DEFINE(SH_STEALTH_NOCL)
1814 fi
1815 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1816 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1817 fi
1818 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1819 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1820 fi
1821 if test "x${enableval}" = "xstatus"; then
1822 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1823 fi
1824 if test "x${enableval}" = "xno"; then
1825 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
1826 fi
1827 nocl_code="${enable_nocl}"
1828 ]
1829)
1830AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1831AC_SUBST(nocl_code)
1832AC_ARG_ENABLE(stealth,
1833 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1834 [AC_DEFINE(SH_STEALTH)
1835 if test "x${enableval}" != "xyes"; then
1836 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1837 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
1838 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1839 if test x"${enableval}" = x0
1840 then
1841 :
1842 else
1843 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1844 fi
1845 fi
1846 xor_code="${enable_stealth}"
1847 else
1848 xor_code=0
1849 fi
1850 stegin_prg="samhain_stealth"
1851 ],
1852 [
1853 stegin_prg=
1854 ]
1855)
1856AC_ARG_ENABLE(micro-stealth,
1857 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1858 [
1859 AC_DEFINE(SH_STEALTH)
1860 AC_DEFINE(SH_STEALTH_MICRO)
1861 if test "x${enableval}" != "xyes"; then
1862 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1863 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
1864 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1865 if test x"${enableval}" = x0
1866 then
1867 :
1868 else
1869 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1870 fi
1871 fi
1872 xor_code="${enable_micro_stealth}"
1873 else
1874 xor_code=0
1875 fi
1876 ]
1877)
1878install_name="samhain"
1879INSTALL_NAME="SAMHAIN"
1880AC_ARG_ENABLE(install-name,
1881 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1882 [
1883 if test "x${enableval}" != "xyes"; then
1884 install_name="${enableval}"
1885 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1886 else
1887 install_name="${sh_main_prg}"
1888 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1889 fi
1890 ],
1891 [
1892 install_name="${sh_main_prg}"
1893 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1894 ]
1895)
1896
1897
1898need_user_install=0
1899
1900AC_ARG_ENABLE(identity,
1901 [ --enable-identity=USER user if dropping root [[daemon]]],
1902 [
1903 if test x"$enableval" = xno; then
1904 myident="daemon"
1905 else
1906 myident="$enableval"
1907 fi
1908 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1909 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
1910 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1911 grep "^${myident}:" | awk -F: '{ print $3; }'`
1912 if test x"${myident_uid}" = x; then
1913 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
1914 need_user_install=1
1915 fi
1916 ],
1917 [
1918 for myident in ${install_name} daemon nobody; do
1919 AC_MSG_CHECKING(for user ${myident})
1920 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1921 grep "^${myident}:" | awk -F: '{ print $3; }'`
1922 if test x"${myident_uid}" != x; then
1923 AC_MSG_RESULT(yes)
1924 break;
1925 else
1926 AC_MSG_RESULT(no)
1927 fi
1928 done
1929 if test x"${myident_uid}" = x; then
1930 myident=${install_name}
1931 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1932 need_user_install=1
1933 fi
1934 ])
1935AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1936AC_SUBST(myident)
1937AC_SUBST(need_user_install)
1938
1939sh_insmod_cmd=": # no kernel module"
1940sh_lkm=""
1941lkm_inc=""
1942khidemap="/boot/System.map"
1943sh_syscalltable="0x0"
1944AC_ARG_ENABLE(khide,
1945 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1946 [
1947 if test "x${enable_khide}" != xno; then
1948 if test "x${enableval}" != "xyes"; then
1949 khidemap="${enableval}"
1950 fi
1951 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
1952 if test x"$sh_syscalltable" = x; then
1953 AC_MSG_ERROR([Option --enable-khide cannot be used since the symbol sys_call_table was not found in ${khidemap}.])
1954 fi
1955 sh_syscalltable="0x${sh_syscalltable}"
1956 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1957 if test "${install_name_len}" -gt 15 ; then
1958 AC_MSG_ERROR([If --enable-khide is used, install_name must not exceed a length of 15 chars.])
1959 fi
1960 AC_DEFINE(SH_USE_LKM)
1961 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1962
1963 # -- NEW --
1964 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1965 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
1966 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMERIC, ${kernel_numeric}, [Kernel number])
1967
1968 if test x"$kernel_version" = xLINUX26
1969 then
1970 AC_MSG_CHECKING([for modlist_lock])
1971 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1972 if test x"$sh_modlist_lock" = x; then
1973 AC_MSG_RESULT(no)
1974 else
1975 sh_modlist_lock="0x${sh_modlist_lock}"
1976 AC_MSG_RESULT([${sh_modlist_lock}])
1977 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1978 fi
1979
1980 AC_MSG_CHECKING([for module_mutex])
1981 sh_modlist_mutex=`egrep ['[bd] module_mutex$'] ${khidemap} | awk '{print $1}'`
1982 if test x"$sh_modlist_mutex" = x; then
1983 AC_MSG_RESULT(no)
1984 else
1985 sh_modlist_mutex="0x${sh_modlist_mutex}"
1986 AC_MSG_RESULT([${sh_modlist_mutex}])
1987 AC_DEFINE_UNQUOTED(SH_MODLIST_MUTEX, ${sh_modlist_mutex}, [The address of the modules list mutex])
1988 fi
1989
1990 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1991 if test x"$sh_list_modules" = x; then
1992 AC_MSG_ERROR([Option --enable-khide cannot be used, since the symbol modules was not found in ${khidemap}.])
1993 fi
1994 sh_list_modules="0x${sh_list_modules}"
1995 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1996
1997 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1998 sh_insmod_cmd="modprobe ${install_name}_hide"
1999 sh_lkm="samhain_hide.ko"
2000 else
2001 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
2002 sh_lkm="samhain_hide.o samhain_erase.o"
2003 fi
2004 # -- END NEW --
2005
2006 kvers=`uname -r`
2007 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
2008 lkm_inc="-I/lib/modules/${kvers}/build/include"
2009 else
2010 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
2011 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2012 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2013 fi
2014
2015 AC_MSG_CHECKING([for 2.4 vanilla kernel])
2016 sh_is_vanilla_kernel=yes
2017 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
2018 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
2019 fi
2020 if test x"${sh_is_vanilla_kernel}" = xno; then
2021 AC_MSG_RESULT(no)
2022 else
2023 AC_MSG_RESULT(yes)
2024 AC_DEFINE(SH_VANILLA_KERNEL)
2025 fi
2026
2027 fi
2028 ]
2029)
2030
2031AC_SUBST(install_name)
2032AC_SUBST(INSTALL_NAME)
2033AC_SUBST(stegin_prg)
2034AC_SUBST(xor_code)
2035
2036AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2037AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2038
2039
2040exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2041exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2042exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2043
2044AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2045AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2046AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2047
2048
2049AC_ARG_ENABLE(suidcheck,
2050 [ --enable-suidcheck check for suid/sgid files [[no]]],
2051 [
2052 if test "x${enableval}" = "xyes"; then
2053 AC_DEFINE(SH_USE_SUIDCHK)
2054 fi
2055 ]
2056)
2057
2058
2059systemmap="/boot/System.map"
2060sh_libkvm=""
2061AC_ARG_WITH(kcheck,
2062 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
2063 [
2064 if test "x${withval}" != "xno"; then
2065 AC_DEFINE(SH_USE_KERN)
2066
2067 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2068 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMBER, ${kernel_numeric}, [Kernel number])
2069
2070 kernelversion=`uname -r`
2071 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
2072
2073 if test "x${withval}" != "xyes"; then
2074 systemmap="${withval}"
2075 fi
2076
2077 if test "x${cross_compiling}" = xyes; then
2078 :
2079 elif test "x$selectconfig" = "xfreebsd"; then
2080 LIBS="$LIBS -lkvm"
2081 sh_libkvm="-lkvm"
2082 elif test -f "${systemmap}"; then
2083 if test -c /dev/kmem; then
2084 :
2085 else
2086 # need kernel module
2087
2088 if test -f /lib/modules/${kernelversion}/build/include/linux/kernel.h; then
2089 lkm_inc="-I/lib/modules/${kernelversion}/build/include"
2090 else
2091 AC_MSG_WARN([--enable-khide: /lib/modules/${kernelversion}/build/include/linux not found])
2092 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2093 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2094 fi
2095
2096 AC_MSG_CHECKING([for vmlist_lock])
2097 sh_vmlist_lock=`egrep ['[bdBD] vmlist_lock$'] ${systemmap} | awk '{print $1}'`
2098 if test x"$sh_vmlist_lock" = x; then
2099 AC_MSG_RESULT(no)
2100 else
2101 sh_vmlist_lock="0x${sh_vmlist_lock}"
2102 AC_MSG_RESULT([${sh_vmlist_lock}])
2103 AC_DEFINE_UNQUOTED(SH_VMLIST_LOCK, ${sh_vmlist_lock}, [The address of the vmlist spinlock])
2104 fi
2105
2106 AC_MSG_CHECKING([for vmlist])
2107 sh_vmlist_lock=`egrep ['[bdBD] vmlist$'] ${systemmap} | awk '{print $1}'`
2108 if test x"$sh_vmlist" = x; then
2109 AC_MSG_RESULT(no)
2110 else
2111 sh_vmlist="0x${sh_vmlist}"
2112 AC_MSG_RESULT([${sh_vmlist}])
2113 AC_DEFINE_UNQUOTED(SH_VMLIST, ${sh_vmlist}, [The address of the vmlist])
2114 fi
2115
2116 sh_lkm="${sh_lkm} samhain_kmem.ko"
2117 echo "${sh_insmod_cmd}" | grep 'no kernel module' >/dev/null
2118 if [ $? -eq 0 ]; then
2119 sh_insmod_cmd="modprobe ${install_name}_kmem"
2120 else
2121 sh_insmod_cmd="modprobe ${install_name}_kmem; ${sh_insmod_cmd}"
2122 fi
2123 fi
2124 else
2125 AC_MSG_ERROR([Option --with-kcheck=systemmap cannot be used, because system map ${systemmap} does not exist.])
2126 fi
2127 fi
2128 ]
2129)
2130
2131AC_SUBST(lkm_inc)
2132AC_SUBST(sh_lkm)
2133AC_SUBST(sh_insmod_cmd)
2134
2135AC_SUBST(systemmap)
2136AC_SUBST(sh_libkvm)
2137
2138AC_ARG_ENABLE(base,
2139 [ --enable-base=B1,B2 base key (0...2147483647)],
2140 [
2141 AC_MSG_CHECKING(base key setting)
2142 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2143 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2144 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2145 if test "x${my_key_A}" = x; then
2146 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
2147 fi
2148 if test "x${my_key_B}" = x; then
2149 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
2150 fi
2151 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2152 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2153 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2154 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2155 ],
2156 [
2157 AC_MSG_CHECKING(base key setting .. collecting entropy)
2158 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2159 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2160 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2161 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2162 my_key_A=`expr $my_key_1 \* 32767`
2163 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2164 my_key_A=`expr $my_key_A \+ $my_key_2`
2165 my_key_B=`expr $my_key_3 \* 32767`
2166 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2167 my_key_B=`expr $my_key_B \+ $my_key_4`
2168 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2169 ]
2170 )
2171AC_SUBST(my_key_A)
2172AC_SUBST(my_key_B)
2173
2174dnl low bytes
2175my_key_1=`expr $my_key_A \% 65536`
2176dnl high bytes
2177my_key_2=`expr $my_key_A \/ 65536`
2178dnl low bytes
2179my_key_3=`expr $my_key_B \% 65536`
2180dnl high bytes
2181my_key_4=`expr $my_key_B \/ 65536`
2182
2183dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2184
2185dnl touch ./sh_MK.h
2186dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2187dnl echo "#define SH_MK_H" >> ./sh_MK.h
2188dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2189dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2190dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2191dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2192dnl echo "#endif" >> ./sh_MK.h
2193AC_SUBST(my_key_1)
2194AC_SUBST(my_key_2)
2195AC_SUBST(my_key_3)
2196AC_SUBST(my_key_4)
2197
2198AC_MSG_CHECKING(key position)
2199pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2200pos_tf_2=`expr $pos_tf_1 \% 8`
2201pos_tf=`expr $pos_tf_2 + 1`
2202AC_MSG_RESULT(${pos_tf})
2203AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2204
2205mykeybase=`echo ${my_key_A},${my_key_B}`
2206AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2207AC_SUBST(mykeybase)
2208
2209
2210dnl
2211dnl GPG/PGP options
2212dnl
2213
2214AC_ARG_WITH(gpg,
2215 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2216 [
2217 if test "x${withval}" != "xno"; then
2218 if test "x${cross_compiling}" = xyes; then
2219 mygpg="${withval}"
2220 else
2221 if test -f "${withval}"; then
2222 mygpg="${withval}"
2223 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2224 if test "x$?" != "x0"; then
2225 mychktest=no
2226 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2227 if test x"${mychktest}" = xyes
2228 then
2229 :
2230 else
2231 if test -f ${sampre}
2232 then
2233 echo "use existing ${sampre} for gpg checksum"
2234 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2235 if test "x$?" != "x0"; then
2236 :
2237 else
2238 mychk="${mychk0}"
2239 mychktest=yes
2240 fi
2241 fi
2242 fi
2243 done
2244 if test x${mychktest} = xno; then
2245 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2246 echo "-------------------------------------------------------------"
2247 echo " Your gpg binary does not support the TIGER192 checksum, "
2248 echo " and I cannot find an existing samhain binary to use instead."
2249 echo " You can:"
2250 echo " (a) run make to compile a samhain binary, then repeat"
2251 echo " ./configure and make"
2252 echo " (b) ignore the failure. The checksum of the gpg binary"
2253 echo " will not get compiled in, thus allowing an attacker"
2254 echo " to replace gpg with a trojan and subverting the gpg"
2255 echo " signature verification of configure and database files."
2256 echo
2257 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2258 echo "-------------------------------------------------------------"
2259 fi
2260 else
2261 mychk="${mychk0}"
2262 fi
2263 else
2264 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
2265 fi
2266 fi
2267 AC_DEFINE(WITH_GPG)
2268 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
2269 AC_SUBST(mygpg)
2270 fi
2271 ]
2272)
2273
2274AC_ARG_WITH(keyid,
2275 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2276 [
2277 if test "x${withval}" != "x"; then
2278 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2279 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2280 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2281 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2282 mykeyid="$withval"
2283 mykeytag="--default-key"
2284 else
2285 mykeyid=""
2286 mykeytag=""
2287 fi
2288 AC_SUBST(mykeyid)
2289 AC_SUBST(mykeytag)
2290 ]
2291)
2292
2293dnl AC_ARG_WITH(pgp,
2294dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
2295dnl [myppg="$withval"
2296dnl AC_DEFINE(WITH_PGP)
2297dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
2298dnl ])
2299
2300AC_ARG_WITH(checksum,
2301 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
2302 [
2303 if test "x${withval}" != "xno"; then
2304 if test "x${withval}" != "xyes"; then
2305 if test "x${mychk}" != "x"; then
2306 if test "x${mychk}" != "x${withval}"; then
2307 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
2308 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2309 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2310 fi
2311 fi
2312 mychk="${withval}"
2313 else
2314 if test "x${mychk}" = "x"; then
2315 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the gpg binary not specified.])
2316 fi
2317 fi
2318 AC_DEFINE(HAVE_GPG_CHECKSUM)
2319 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2320 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2321 fi
2322 ],
2323 [
2324 if test "x${mygpg}" != "x"; then
2325 if test "x${mychk}" != "x"; then
2326 AC_DEFINE(HAVE_GPG_CHECKSUM)
2327 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2328 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2329 fi
2330 fi
2331 ]
2332)
2333
2334AC_ARG_WITH(fp,
2335 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2336 [
2337 if test "x${withval}" != "xno"; then
2338 if test "x${withval}" != "xyes"; then
2339 withval0=`echo ${withval} | sed 's% %%g'`
2340 echo "${withval0}" | \
2341 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
2342 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
2343 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2344 sh_len0=`expr ${sh_len} \- 1`
2345 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2346 then
2347 myfp="${withval0}"
2348 AC_DEFINE(USE_FINGERPRINT)
2349 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2350 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2351 else
2352 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
2353 fi
2354 else
2355 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
2356 fi
2357 fi
2358 ])
2359
2360
2361dnl
2362dnl MAIL OPTIONS
2363dnl
2364
2365AC_ARG_WITH(recipient,
2366 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2367 [
2368 withval0=`echo ${withval} | sed 's%,% %g'`
2369 for sh_item in ${withval0}
2370 do
2371 case ${sh_item} in
2372 *@localhost)
2373 ;;
2374 *@*.*)
2375 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2376 if test "x${sh_tmp}" != "x1"
2377 then
2378 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2379 fi
2380 ;;
2381 *)
2382 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2383 ;;
2384 esac
2385 done
2386 myrcp="$withval0"
2387 ],
2388 [myrcp="NULL"])
2389AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2390
2391
2392AC_ARG_WITH(sender,
2393 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2394 [
2395 mysender="${withval}"
2396 ],
2397 [
2398 mysender="daemon"
2399 ])
2400AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2401
2402
2403dnl
2404dnl PATHS
2405dnl
2406
2407AC_ARG_WITH(trusted,
2408 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2409 [
2410 sh_tmp_test=no
2411 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2412 for sh_tmp1 in ${sh_tmp}
2413 do
2414 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2415 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
2416 if test "x${sh_tmp1}" = "x0"
2417 then
2418 sh_tmp_test=yes
2419 fi
2420 done
2421 if test "x${sh_tmp_test}" = "xno"
2422 then
2423 withval="0,${withval}"
2424 fi
2425 mytrust="${withval}"
2426 ],
2427 [mytrust="0"] )
2428AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2429AC_SUBST(mytrust)
2430
2431AC_ARG_WITH(tmp-dir,
2432 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2433 [
2434 if test "x${cross_compiling}" = xyes; then
2435 my_tmp_dir="$withval"
2436 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2437 else
2438 if test -d "${withval}"; then
2439 my_tmp_dir="$withval"
2440 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2441 else
2442 my_tmp_dir="$withval"
2443 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2444 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
2445 fi
2446 fi
2447 ]
2448)
2449
2450dnl
2451dnl PATH DEFAULTS
2452dnl
2453
2454if test "x${ac_prefix_set}" = xyes
2455then
2456 if test "x${exec_prefix}" = xNONE
2457 then
2458 exec_prefix="${prefix}"
2459 fi
2460
2461 if test "x${prefix}" = xOPT
2462 then
2463 tmp_sbindir="/opt/${install_name}/bin"
2464 tmp_sysconfdir="/etc/opt"
2465 tmp_mandir="/opt/${install_name}/man"
2466 tmp_localstatedir="/var/opt/${install_name}"
2467 elif test "x${prefix}" = xUSR
2468 then
2469 tmp_sbindir="/usr/sbin"
2470 tmp_sysconfdir="/etc"
2471 tmp_mandir="/usr/share/man"
2472 tmp_localstatedir="/var"
2473 else
2474 tmp_sbindir=`eval echo ${sbindir}`
2475 tmp_sysconfdir=`eval echo ${sysconfdir}`
2476 tmp_mandir=`eval echo ${mandir}`
2477 tmp_localstatedir=`eval echo ${localstatedir}`
2478 fi
2479else
2480 prefix=""
2481 if test "x${ac_exec_prefix_set}" = xyes
2482 then
2483 tmp_sbindir=`eval echo ${sbindir}`
2484 else
2485 tmp_sbindir="/usr/local/sbin"
2486 fi
2487 tmp_sysconfdir="/etc"
2488 # share/man -> man (FHS) 11.10.2002
2489 tmp_mandir="/usr/local/man"
2490 tmp_localstatedir="/var"
2491fi
2492
2493
2494if test "x${ac_sbindir_set}" = xyes
2495then
2496 :
2497else
2498 sbindir=`eval echo ${tmp_sbindir}`
2499fi
2500
2501
2502if test "x${ac_sysconfdir_set}" = xyes
2503then
2504 :
2505else
2506 sysconfdir=`eval echo ${tmp_sysconfdir}`
2507fi
2508
2509if test "x${ac_mandir_set}" = xyes
2510then
2511 :
2512else
2513 mandir=`eval echo ${tmp_mandir}`
2514fi
2515
2516if test "x${ac_localstatedir_set}" = xyes
2517then
2518 :
2519else
2520 localstatedir=`eval echo ${tmp_localstatedir}`
2521fi
2522
2523
2524
2525AC_ARG_WITH(config-file,
2526 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2527 [
2528 myconffile="${withval}"
2529 changequote(<<, >>)dnl
2530 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2531 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2532 myrpmconffile="${tmp}"
2533 changequote([, ])dnl
2534 ],
2535 [
2536 myconffile="${sysconfdir}/${install_name}rc"
2537 myrpmconffile="${myconffile}"
2538 ]
2539)
2540AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2541AC_SUBST(myconffile)
2542AC_SUBST(myrpmconffile)
2543
2544AC_ARG_WITH(log-file,
2545 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2546 [
2547 mylogfile="$withval"
2548 changequote(<<, >>)dnl
2549 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2550 changequote([, ])dnl
2551 ],
2552 [
2553 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2554 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2555 mylogdir="${localstatedir}/log/${install_name}"
2556 else
2557 mylogfile="${localstatedir}/log/${install_name}_log"
2558 mylogdir="${localstatedir}/log"
2559 fi
2560 ]
2561)
2562AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2563AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2564AC_SUBST(mylogfile)
2565AC_SUBST(mylogdir)
2566
2567AC_ARG_WITH(pid-file,
2568 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2569 [
2570 mylockfile="$withval"
2571 changequote(<<, >>)dnl
2572 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2573 changequote([, ])dnl
2574 ],
2575 [
2576 mylockfile="${localstatedir}/run/${install_name}.pid"
2577 mylockdir="${localstatedir}/run"
2578 ]
2579)
2580AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2581AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2582AC_SUBST(mylockfile)
2583AC_SUBST(mylockdir)
2584
2585AC_ARG_WITH(state-dir,
2586 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2587 [
2588 mydataroot="$withval"
2589 ],
2590 [
2591 mydataroot="${localstatedir}/lib/${install_name}"
2592 ]
2593 )
2594AC_ARG_WITH(data-file,
2595 [ --with-data-file=FILE set path of data file],
2596 [
2597 mydatafile="$withval"
2598 changequote(<<, >>)dnl
2599 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2600 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2601 myrpmdatafile="${tmp}"
2602 changequote([, ])dnl
2603 if test x"${tmp}" = x
2604 then
2605 echo "No local path in data file ${withval}"
2606 echo "This will not work for initializing the database."
2607 if test x"${withval}" = xREQ_FROM_SERVER
2608 then
2609 echo "It should be REQ_FROM_SERVER/some/local/path"
2610 fi
2611 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
2612 fi
2613 ],
2614 [
2615 mydatafile="${mydataroot}/${install_name}_file"
2616 myrpmdatafile="${mydatafile}"
2617 ])
2618AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2619AC_SUBST(mydatafile)
2620AC_SUBST(myrpmdatafile)
2621
2622AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2623AC_SUBST(mydataroot)
2624
2625AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2626AC_SUBST(myqdir)
2627
2628
2629AC_ARG_WITH(html-file,
2630 [ --with-html-file=FILE set path of html file,],
2631 [
2632 myhtmlfile="$withval"
2633 ],
2634 [
2635 myhtmlfile="${mylogdir}/${install_name}.html"
2636 ])
2637AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2638AC_SUBST(myhtmlfile)
2639
2640
2641mydefargs=$ac_configure_args
2642# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2643# then
2644# mydefargs="--enable-static $mydefargs"
2645# fi
2646if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2647then
2648 mydefargs="--enable-base=${mykeybase} $mydefargs"
2649fi
2650AC_SUBST(mydefargs)
2651
2652
2653AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2654AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2655AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2656
2657AC_CONFIG_HEADER(config.h)
2658
2659AC_OUTPUT(
2660[
2661Makefile
2662samhain-install.sh
2663init/samhain.startLSB
2664init/samhain.startLinux
2665init/samhain.startGentoo
2666init/samhain.startFreeBSD
2667init/samhain.startSolaris
2668init/samhain.startHPUX
2669init/samhain.startIRIX
2670init/samhain.startMACOSX
2671samhain.spec
2672rules.deb
2673rules.deb-light
2674hp_ux.psf
2675scripts/samhain.spec
2676scripts/redhat_i386.client.spec
2677scripts/samhain.ebuild
2678scripts/samhain.ebuild-light
2679scripts/samhainadmin.pl
2680scripts/yuleadmin.pl
2681scripts/check_samhain.pl
2682deploy.sh
2683],
2684[
2685echo timestamp > stamp-h
2686chmod +x samhain-install.sh
2687chmod +x scripts/samhainadmin.pl
2688chmod +x scripts/yuleadmin.pl
2689chmod +x scripts/check_samhain.pl
2690]
2691)
2692
2693chmod +x deploy.sh
2694
2695if test "x${cross_compiling}" = xyes
2696then
2697
2698echo "--------------------------------------------------------------"
2699echo
2700echo "You are using a cross-compiler. The following system dependent"
2701echo "values may have been set to default values that may be"
2702echo "incorrect for your target system: "
2703echo
2704echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2705echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2706echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2707echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2708echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
2709echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2710echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2711echo
2712echo "If these values are incorrect, change them in the file "
2713echo "config.cache and run configure again."
2714echo
2715echo "--------------------------------------------------------------"
2716
2717fi
2718
2719if test x${silent} != xyes
2720then
2721
2722 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2723 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2724 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2725 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2726 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2727 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2728
2729 echo
2730 echo " samhain has been configured as follows:"
2731 echo " System binaries: ${sbindir}"
2732 echo " Configuration file: ${myconffile}"
2733 echo " Manual pages: ${mandir}"
2734 echo " Data: ${mydataroot}"
2735 echo " PID file: ${mylockfile}"
2736 echo " Log file: ${mylogfile}"
2737 echo " Base key: ${mykeybase}"
2738 if test x"$mykeyid" != x
2739 then
2740 echo " target GPG/PGP key: ${mykeyid}"
2741 fi
2742 echo
2743 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2744 then
2745 echo " Selected rc file: yulerc"
2746 else
2747 echo " Selected rc file: samhainrc.${selectconfig}"
2748 fi
2749
2750fi
2751
Note: See TracBrowser for help on using the repository browser.