Context Navigation

source: trunk/configure.ac@ 43

Last change on this file since 43 was 43, checked in by rainer, 18 years ago
Fix for ticket #19 (autoconf problem)
File size: 63.8 KB

Line
1
2	dnl We want to override the standard _AC_INIT_PARSE_ARGS
3	dnl
4	AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
5	AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
6
7	AC_INIT(src/samhain.c)
8
9
10	AC_ARG_VAR([LIBS],
11	[libraries to link against, e.g. -lintl])
12
13	dnl
14	dnl start
15	dnl
16	AM_INIT_AUTOMAKE(samhain, 2.2.1)
17	AC_CANONICAL_HOST
18
19	dnl
20	dnl checks for programs
21	dnl
22
23	AC_PROG_CC
24	AC_PROG_CPP
25	AC_PROG_INSTALL
26	AC_PROG_LN_S
27	AC_PROG_AWK
28	AC_PATH_PROG(cmd_hostname,hostname)
29	AC_SUBST(cmd_hostname)
30
31	GCC_STACK_PROTECT_CC
32
33	AC_HEADER_STDC
34	dnl
35	dnl first one is a dummy because of an autoconf bug
36	dnl (no HAVE_... for first one)
37	dnl
38	AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
39
40
41	AC_MSG_CHECKING([for host-specific issues])
42	mydebugflag=no
43	myneedg3=no
44	uid_cast="signed long"
45	selectconfig=linux
46	mynetbsd=no
47	sh_use_lcaps="undef"
48
49	case "$host_os" in
50
51	linux)
52	sh_use_lcaps="yes"
53	AC_DEFINE(HOST_IS_LINUX)
54	AC_DEFINE(HAVE_EXT2_IOCTLS)
55	AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
56	case "$host_cpu" in
57	i86)
58	AC_DEFINE(HOST_IS_I86LINUX)
59	;;
60	*)
61	;;
62	esac
63	;;
64
65	osf)
66	AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
67	if test "x$GCC" != "xyes"; then
68	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
69	CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
70	myneedg3=yes
71	AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
72	else
73	AC_MSG_RESULT(none)
74	fi
75	;;
76
77	cygwin)
78	AC_DEFINE(HOST_IS_CYGWIN)
79	AC_MSG_RESULT(CYGWIN do not check for trusted paths)
80	;;
81
82	darwin)
83	AC_DEFINE(HOST_IS_DARWIN)
84	AC_MSG_RESULT(DARWIN check resource forks)
85	;;
86
87	freebsd)
88	AC_DEFINE(HOST_IS_FREEBSD)
89	selectconfig=freebsd
90	AC_MSG_RESULT(none)
91	;;
92
93	openbsd)
94	selectconfig=freebsd
95	AC_MSG_RESULT(none)
96	;;
97
98	netbsd)
99	mynetbsd=yes
100	AC_MSG_RESULT(NETBSD bug with libresolve)
101	;;
102
103	solaris)
104	selectconfig=solaris
105	AC_DEFINE(HOST_IS_SOLARIS)
106	case "$host_cpu" in
107	i*86)
108	AC_DEFINE(HOST_IS_I86SOLARIS)
109	AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
110	;;
111	*)
112	AC_MSG_RESULT(none)
113	;;
114	esac
115	if test "x$GCC" != "xyes"; then
116	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
117	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
118	fi
119	if test -z "`echo "$CFLAGS" \| grep "\-xO2" 2> /dev/null`"; then
120	CFLAGS="$CFLAGS -xO2"
121	fi
122	if test -z "`echo "$CFLAGS" \| grep "\-Xa" 2> /dev/null`"; then
123	CFLAGS="$CFLAGS -Xa"
124	fi
125	LIBS="-lc $LIBS"
126	fi
127	;;
128
129
130	sun)
131	selectconfig=solaris
132	AC_DEFINE(HOST_IS_SOLARIS)
133	AC_MSG_RESULT(none)
134	;;
135
136	aix)
137	AC_DEFINE(HOST_IS_AIX)
138	selectconfig=aix5.2.0
139	uid_cast="unsigned long"
140	if test "x$GCC" != "xyes"; then
141	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
142	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
143	fi
144	if test -z "`echo "$CFLAGS" \| grep "\-O3" 2> /dev/null`"; then
145	CFLAGS="$CFLAGS -O3"
146	fi
147	if test -z "`echo "$CFLAGS" \| grep "\-qstrict" 2> /dev/null`"; then
148	CFLAGS="$CFLAGS -qstrict"
149	fi
150	AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
151	else
152	AC_MSG_RESULT(AIX size_t in the accept call)
153	fi
154	;;
155
156	hpux)
157	AC_MSG_RESULT(HPUX has not always h_errno defined)
158	AC_DEFINE(HOST_IS_HPUX)
159	if test "x$GCC" != "xyes"; then
160	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
161	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
162	fi
163	if test -z "`echo "$CFLAGS" \| grep "\-fast" 2> /dev/null`"; then
164	CFLAGS="$CFLAGS -fast"
165	fi
166	fi
167	;;
168
169	ultrix)
170	AC_MSG_RESULT(ULTRIX getcwd uses popen)
171	AC_DEFINE(HAVE_BROKEN_GETCWD)
172	;;
173
174	*)
175	AC_MSG_RESULT(none)
176	;;
177	esac
178
179	AC_SUBST(selectconfig)
180	AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
181
182
183	dnl *****************************************
184	dnl
185	dnl checks for header files
186	dnl
187	dnl *****************************************
188
189	AC_HEADER_DIRENT
190	AC_HEADER_MAJOR
191	AC_HEADER_TIME
192	dnl used in minilzo.c
193	AC_HEADER_STAT
194	AC_DECL_SYS_SIGLIST
195
196	AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
197	sys/vfs.h \
198	sys/select.h sys/socket.h netinet/in.h \
199	regex.h glob.h \
200	linux/ext2_fs.h ext2fs/ext2_fs.h \
201	paths.h arpa/nameser.h arpa/nameser_compat.h,
202	[],
203	[],
204	[#include <sys/types.h>]
205	)
206
207
208	AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
209	if test "x$sh_utmpx" = "xyes"; then
210	if cat "/usr/include/utmpx.h" 2>&5 \|
211	egrep "WTMPX_FILE" >/dev/null 2>&1; then
212	AC_DEFINE(HAVE_UTMPX_H)
213	AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
214	AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
215	AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
216	AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
217	else
218	AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
219	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
220	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
221	fi
222	else
223	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
224	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
225	fi
226
227	dnl need to check because AIX 4.2 does not have it
228	dnl
229	AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
230	#ifdef HAVE_SYS_TYPES_H
231	#include <sys/types.h>
232	#endif
233	#ifdef HAVE_SYS_STAT_H
234	#include <sys/stat.h>
235	#endif
236	#ifdef HAVE_SYS_VFS_H
237	#include <sys/vfs.h>
238	#endif
239	#ifdef HAVE_UNISTD_H
240	#include <unistd.h>
241	#endif
242	])
243
244	AC_SYS_LARGEFILE
245
246	dnl
247	dnl check whether _POSIX_SOURCE is required
248	dnl
249	SAMHAIN_POSIX
250
251
252	dnl *****************************************
253	dnl
254	dnl Checks for library functions.
255	dnl
256	dnl *****************************************
257	AC_FUNC_STRFTIME
258	AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
259	gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
260	seteuid setreuid setresuid lstat getwd getcwd ptrace \
261	usleep setpriority getpeereid nanosleep \
262	strptime basename sched_yield \
263	inet_aton gethostbyname setutent setrlimit gethostname uname \
264	initgroups getpagesize \
265	ttyname fchmod
266	)
267	AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
268	SL_CHECK_VA_COPY
269	AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
270	AC_CHECK_MLOCK
271
272	AC_MSG_CHECKING(how to get filesystem type)
273	fstype=no
274	# The order of these tests is important.
275	AC_TRY_CPP([#include <sys/statvfs.h>
276	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
277	if test $fstype = no; then
278	AC_TRY_CPP([#include <sys/statfs.h>
279	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
280	fi
281	if test $fstype = no; then
282	AC_TRY_CPP([#include <sys/statfs.h>
283	#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
284	fi
285	if test $fstype = no; then
286	AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
287	fi
288	if test $fstype = no; then
289	AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
290	fi
291	if test $fstype = no; then
292	AC_TRY_CPP([#include <sys/mount.h>
293	#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
294	fi
295	AC_MSG_RESULT($fstype)
296
297	sh_libsocket=
298
299	dnl Solaris needs -lsocket and -lnsl. Unisys system includes
300	dnl gethostbyname in libsocket but needs libnsl for socket.
301	AC_CHECK_LIB(nsl, gethostbyname)
302	AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
303	if test x$ac_need_libsocket = x1; then
304	LIBS="$LIBS -lsocket"
305	sh_libsocket="-lsocket"
306	fi
307	if test x$ac_try_nsl = x1; then
308	AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
309	if test x$ac_need_libnsl = x1
310	then
311	LIBS="$LIBS -lnsl"
312	fi
313	fi
314	AC_SUBST(sh_libsocket)
315
316	AC_CHECK_LIB(socket, res_search, [
317	AC_CHECK_LIB(resolv, dn_skipname)
318	AC_CHECK_LIB(resolv, __dn_skipname)
319	if test x$ac_need_libsocket = x1; then
320	:
321	else
322	LIBS="$LIBS -lsocket"
323	fi
324	], [
325	AC_CHECK_LIB(resolv, res_search, [
326	LIBS="$LIBS -lresolv"
327	], [
328	AC_CHECK_LIB(resolv, dn_skipname)
329	AC_CHECK_LIB(resolv, __dn_skipname)
330	])
331	])
332
333	dnl arguments for accept
334
335	dnl check for Unix98 socklen_t (found on
336	dnl xemacs-patches mailing list, written
337	dnl by Martin Buchholz)
338	dnl
339	dnl On Darwin(MacOSX) socklen_t needs to be
340	dnl an int (see accept man page), on all other
341	dnl unix systems we need a size_t.
342
343	AC_MSG_CHECKING(for socklen_t)
344	AC_TRY_COMPILE([
345	#ifdef HAVE_SYS_TYPES_H
346	#include <sys/types.h>
347	#endif
348	#ifdef HAVE_SYS_SOCKET_H
349	#include <sys/socket.h>
350	#endif
351	socklen_t x;
352	], [],[
353	AC_MSG_RESULT(yes)
354	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
355	],[
356	AC_TRY_COMPILE([
357	#ifdef HAVE_SYS_TYPES_H
358	#include <sys/types.h>
359	#endif
360	#ifdef HAVE_SYS_SOCKET_H
361	#include <sys/socket.h>
362	#endif
363	int accept (int, struct sockaddr , size_t );
364	],[],[
365	AC_MSG_RESULT(size_t)
366	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
367	], [
368	AC_MSG_RESULT(int)
369	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
370	]
371	)
372	])
373
374
375	dnl *****************************************
376	dnl checks for typedefs
377	dnl *****************************************
378
379	AC_C_LONG_DOUBLE
380	SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
381	if test "$sh_HAVE_LONG_LONG" = "yes"; then
382	AC_CHECK_SIZEOF(unsigned long long, 4)
383	if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
384	AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
385	fi
386	fi
387
388	AC_CHECK_TYPE(ptrdiff_t, long)
389	AC_TYPE_SIZE_T
390	AC_CHECK_SIZEOF(char *, 4)
391	AC_CHECK_SIZEOF(size_t, 4)
392
393	AC_CHECK_SIZEOF(unsigned long, 4)
394	AC_CHECK_SIZEOF(unsigned int , 4)
395	AC_CHECK_SIZEOF(unsigned short, 2)
396
397
398	if test "$ac_cv_sizeof_unsigned_long" = "4"; then
399	AC_DEFINE(HAVE_LONG_32)
400	fi
401	if test "$ac_cv_sizeof_unsigned_long" = "8"; then
402	AC_DEFINE(HAVE_LONG_64)
403	fi
404	if test "$ac_cv_sizeof_unsigned_int" = "4"; then
405	AC_DEFINE(HAVE_INT_32)
406	fi
407
408	dnl
409	dnl For Alpha
410	dnl
411	if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
412	AC_DEFINE(HAVE_INT_32)
413	fi
414	if test "$ac_cv_sizeof_unsigned_short" = "4"; then
415	AC_DEFINE(HAVE_SHORT_32)
416	fi
417
418	dnl
419	dnl check for 64 bit programming environment
420	dnl
421	SAMHAIN_64
422
423
424	dnl *****************************************
425	dnl checks for structures
426	dnl *****************************************
427
428	AC_STRUCT_TM
429
430	dnl
431	dnl from e2fsprogs
432	dnl
433	AC_MSG_CHECKING(whether struct stat has a st_flags field)
434	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
435	AC_TRY_COMPILE([#include <sys/stat.h>],
436	[struct stat stat; stat.st_flags = 0;],
437	[e2fsprogs_cv_struct_st_flags=yes],
438	[e2fsprogs_cv_struct_st_flags=no]))
439	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
440	if test "$e2fsprogs_cv_struct_st_flags" = yes; then
441	AC_MSG_CHECKING(whether st_flags field is useful)
442	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
443	AC_TRY_COMPILE([#include <sys/stat.h>],
444	[struct stat stat; stat.st_flags \|= UF_IMMUTABLE;],
445	[e2fsprogs_cv_struct_st_flags_immut=yes],
446	[e2fsprogs_cv_struct_st_flags_immut=no]))
447	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
448	if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
449	AC_DEFINE(HAVE_STAT_FLAGS)
450	fi
451	fi
452
453	dnl
454	dnl from dbus
455	dnl
456	AC_MSG_CHECKING(for struct cmsgcred)
457	AC_TRY_COMPILE([
458	#include <sys/types.h>
459	#include <sys/socket.h>
460	],[
461	struct cmsgcred cred;
462
463	cred.cmcred_pid = 0;
464	],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
465	AC_MSG_RESULT($sh_have_struct_cmsgcred)
466
467	if test x$sh_have_struct_cmsgcred = xyes; then
468	AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
469	fi
470
471	AC_MSG_CHECKING(for struct fcred)
472	AC_TRY_COMPILE([
473	#include <sys/param.h>
474	#include <sys/socket.h>
475	#include <sys/ucred.h>
476	],[
477	struct fcred sockcred;
478	],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
479	AC_MSG_RESULT($sh_have_struct_fcred)
480
481	if test x$sh_have_struct_fcred = xyes; then
482	AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
483	fi
484
485	AC_MSG_CHECKING(for struct sockcred)
486	AC_TRY_COMPILE([
487	#include <sys/param.h>
488	#include <sys/socket.h>
489	#include <sys/ucred.h>
490	],[
491	struct sockcred sockcred;
492	],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
493	AC_MSG_RESULT($sh_have_struct_sockcred)
494
495	if test x$sh_have_struct_sockcred = xyes; then
496	AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
497	fi
498
499	AC_MSG_CHECKING(for SO_PEERCRED)
500	AC_TRY_COMPILE([
501	#include <sys/types.h>
502	#include <sys/socket.h>
503	],[
504	int test = SO_PEERCRED;
505	],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
506	AC_MSG_RESULT($sh_have_SO_PEERCRED)
507
508	if test x$sh_have_SO_PEERCRED = xyes; then
509	AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
510	fi
511
512
513	dnl *****************************************
514	dnl checks for compiler characteristics
515	dnl *****************************************
516	AC_C_INLINE
517	AC_C_CONST
518	AC_C_BIGENDIAN
519
520	AM_SA_SIGACTION_WORKS
521
522	dnl *****************************************
523	dnl
524	dnl checks for system services
525	dnl
526	dnl *****************************************
527
528	dnl
529	dnl check for GNU gmp
530	dnl
531	AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
532	if test "x${sh_have_gmp}" = xno
533	then
534	AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
535	fi
536	if test "x${sh_have_gmp}" = xyes
537	then
538	# LIBS="-lgmp $LIBS"
539	AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
540	fi
541	AC_CHECK_HEADERS(gmp.h)
542
543
544	dnl *****************************************
545	dnl
546	dnl enable features
547	dnl
548	dnl *****************************************
549
550	AC_ARG_ENABLE(db-reload,
551	[ --enable-db-reload enable database reload on SIGHUP [no]],
552	[
553	if test "x${enable_db_reload}" = xyes; then
554	AC_DEFINE(RELOAD_DATABASE)
555	fi
556	]
557	)
558
559	AC_ARG_ENABLE(xml-log,
560	[ --enable-xml-log enable XML logfile format [[no]]],
561	[
562	if test "x${enable_xml_log}" = xyes; then
563	AC_DEFINE(SH_USE_XML)
564	fi
565	]
566	)
567
568
569	AC_ARG_ENABLE(mail,
570	[ --disable-mail disable the internal SMTP mailer],
571	[
572	if test "x${enable_mail}" = xno; then
573	:
574	else
575	AC_DEFINE(SH_WITH_MAIL)
576	fi
577	],
578	[AC_DEFINE(SH_WITH_MAIL)]
579	)
580
581	AC_ARG_ENABLE(external-scripts,
582	[ --disable-external-scripts disable interface to external scripts],
583	[
584	if test "x${enableval}" = xno; then
585	:
586	else
587	AC_DEFINE(WITH_EXTERNAL)
588	fi
589	],
590	[AC_DEFINE(WITH_EXTERNAL)]
591	)
592
593	AC_ARG_ENABLE(message-queue,
594	[ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
595	[
596	if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
597	if test "x${enable_message_queue}" = xyes; then
598	AC_DEFINE(WITH_MESSAGE_QUEUE)
599	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
600	elif test "x${enable_message_queue}" != xno; then
601	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
602	AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
603	echo "${enableval}" \| \
604	grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 \|\|
605	AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
606	AC_DEFINE(WITH_MESSAGE_QUEUE)
607	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
608	fi
609	else
610	echo
611	echo "**********************************************"
612	echo
613	AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
614	echo
615	echo "**********************************************"
616	echo
617	fi
618	]
619	)
620
621	AC_ARG_WITH(cflags,
622	[ --with-cflags additional flags to pass to compiler],
623	[
624	if test "x$withval" != "xno" ; then
625	CFLAGS="$CFLAGS $withval"
626	fi
627	]
628	)
629	AC_ARG_WITH(libs,
630	[ --with-libs additional libraries to link with],
631	[
632	if test "x$withval" != "xno" ; then
633	LIBS="$LIBS $withval"
634	fi
635	]
636	)
637
638
639	#
640	# this is from ssh
641	#
642	AC_MSG_CHECKING(whether to use libwrap)
643	LIBWRAP_LIB=""
644	LIBWRAP_INC=""
645	AC_ARG_WITH(libwrap,
646	[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
647	[ AC_MSG_RESULT($withval)
648	case "$withval" in
649	no)
650	;;
651	""\|yes)
652	LIBWRAP_LIB="-lwrap"
653	;;
654	*)
655	if test -d "$withval"; then
656	LIBWRAP_LIB="-L$withval -lwrap"
657	changequote(<<, >>)dnl
658	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
659	LIBWRAP_INC="-I${sh_libwrap_inc}/include"
660	changequote([, ])dnl
661	else
662	LIBWRAP_LIB="-lwrap"
663	changequote(<<, >>)dnl
664	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
665	LIBWRAP_INC="-I${sh_libwrap_inc}"
666	changequote([, ])dnl
667	fi
668	;;
669	esac
670	if test -n "$LIBWRAP_LIB"; then
671	# OLDLIBS="$LIBS"
672	LIBS="$LIBWRAP_LIB $LIBS"
673	# OLDCFLAGS="$CFLAGS"
674	CFLAGS="$CFLAGS $LIBWRAP_INC"
675	AC_CHECK_HEADER(tcpd.h,
676	[],
677	[ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
678	AC_TRY_LINK([ #include <tcpd.h>
679	int allow_severity; int deny_severity; ],
680	[ hosts_access((struct request_info *) 0); ],
681	[ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
682	[ AC_MSG_ERROR([Could not find the libwrap library.]) ])
683	fi ],
684	AC_MSG_RESULT(no)
685	)
686
687
688	#
689	# this is from the snort configure.in
690	#
691	AC_DEFUN(FAIL_MESSAGE,[
692	echo
693	echo
694	echo "**********************************************"
695	echo " ERROR: unable to find" $1
696	echo " checked in the following places"
697	for i in `echo $2`; do
698	echo " $i"
699	done
700	echo "**********************************************"
701	echo
702	exit
703	])
704
705	AC_ARG_WITH(libprelude-prefix,
706	[ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
707	libprelude_config_prefix="$withval", libprelude_config_prefix="")
708
709	AC_MSG_CHECKING(whether to use prelude)
710	AC_ARG_WITH(prelude,
711	[ --with-prelude Prelude IDS support [[no]]],
712	[
713	if test "x${withval}" = "xno"; then
714	AC_MSG_RESULT(no)
715	else
716	AC_MSG_RESULT(yes)
717	if test x$libprelude_config_prefix != x ; then
718	if test x${LIBPRELUDE_CONFIG+set} != xset ; then
719	LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
720	fi
721	fi
722
723	AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
724	if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
725	HAVE_PRELUDE_CONFIG=no
726	else
727	HAVE_PRELUDE_CONFIG=yes
728	fi
729	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
730	if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
731	sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
732	case "$sh_libprelude_version" in
733	0.8*)
734	sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
735	sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
736	LIBS="$LIBS ${sh_prelude_libs}"
737	CFLAGS="$CFLAGS ${sh_prelude_cflags}"
738	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
739	AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
740	;;
741	*)
742	AM_PATH_LIBPRELUDE([0.9.6],
743	[
744	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
745	AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
746	CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
747	LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
748	LIBS="$LIBS $LIBPRELUDE_LIBS"
749	],
750	[
751	AC_MSG_ERROR([Could not find libprelude.])
752	])
753	;;
754	esac
755	else
756	AC_MSG_ERROR([Could not find libprelude.])
757	fi
758	fi
759	],
760	[
761	AC_MSG_RESULT(no)
762	]
763	)
764
765	dnl AC_MSG_CHECKING(whether to use prelude)
766	dnl AC_ARG_WITH(prelude,
767	dnl [ --with-prelude Prelude IDS support [[no]]],
768	dnl [
769	dnl if test "x${withval}" = "xno"; then
770	dnl AC_MSG_RESULT(no)
771	dnl else
772	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
773	dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
774	dnl sh_prelude_libs=`libprelude-config --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
775	dnl sh_prelude_cflags=`libprelude-config --cflags`
776	dnl LIBS="$LIBS ${sh_prelude_libs}"
777	dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
778	dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
779	dnl else
780	dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
781	dnl fi
782	dnl fi
783	dnl ],
784	dnl AC_MSG_RESULT(no)
785	dnl )
786
787	AC_ARG_ENABLE(static,
788	[ --enable-static enable static linking (recommended) [[no]]],
789	[
790	if test x$enable_static = xyes; then
791	if test x"$mynetbsd" = xyes
792	then
793	tmp_LIBS=`echo $LIBS \| sed 's%\-lresolv%%' `
794	LIBS="${tmp_LIBS}"
795	fi
796	AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
797	if test "x$GCC" = "xyes"; then
798	LDFLAGS="$LDFLAGS -static"
799	else
800	case "$host_os" in
801
802	aix)
803	LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
804	;;
805
806	hpux)
807	LDFLAGS="$LDFLAGS -Wl,-a,archive"
808	;;
809
810	osf)
811	LDFLAGS="$LDFLAGS -non_shared"
812	;;
813
814	irix)
815	LDFLAGS="$LDFLAGS -non_shared"
816	;;
817
818	sco)
819	LDFLAGS="$LDFLAGS -dn"
820	;;
821
822	sun)
823	LDFLAGS="$LDFLAGS -Bstatic"
824	;;
825
826	solaris)
827	LDFLAGS="$LDFLAGS -Bstatic"
828	;;
829
830	*)
831	echo "***********************************************"
832	echo "*"
833	echo "* Don't know how to enable static linking"
834	echo "* with your compiler. Please set the environment"
835	echo "* variable LDFLAGS to:"
836	echo "* ${LDFLAGS} + the static linking flag"
837	echo "* and run configure again"
838	echo "*"
839	echo "***********************************************"
840	;;
841
842	esac
843	fi
844	fi
845	]
846	)
847
848	#
849	# partly based on the snort configure.in
850	#
851	AC_ARG_WITH(database,
852	[ --with-database=[[mysql\|postgresql\|oracle\|odbc]] database support [[no]]],
853	[
854	if test x"$enable_xml_log" != xyes; then
855	AC_MSG_ERROR([--with-database: --enable-xml-log required])
856	fi
857	if test "x${withval}" = "xmysql"; then
858	AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
859	if test "$HAVE_MYSQL_CONFIG" = "yes"; then
860	# echo "mysql_config found"
861	sh_mysql_libs="`mysql_config --libs`"
862	# echo ${sh_mysql_libs}
863	sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
864	# echo $mysql_libs
865	# save_libs="$LIBS"
866	# LIBS="$LIBS `mysql_config --libs`"
867	# echo $LIBS
868	LIBS="$LIBS ${sh_mysql_libs}"
869	# echo $LIBS
870	sh_mysql_cflags="`mysql_config --cflags`"
871	sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
872	# CFLAGS="$CFLAGS `mysql_config --cflags`"
873	# CFLAGS="$CFLAGS ${sh_mysql_cflags}"
874	CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
875	else
876	AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
877	mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
878
879	for i in $mysql_directory; do
880	if test -r $i/include/mysql/mysql.h; then
881	MYSQL_DIR=$i
882	MYSQL_INC_DIR=$i/include
883	# we use AC_CHECK_HEADERS to check for mysql/mysql.h
884	fi
885	done
886	if test -z "$MYSQL_DIR"; then
887	for i in $mysql_directory; do
888	if test -r $i/include/mysql.h; then
889	MYSQL_DIR=$i
890	MYSQL_INC_DIR=$i/include
891	fi
892	done
893	fi
894
895	if test -z "$MYSQL_DIR"; then
896	tmp=""
897	for i in $mysql_directory; do
898	tmp="$tmp $i/include $i/include/mysql"
899	done
900	FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
901	fi
902
903	for i in lib lib/mysql; do
904	str="$MYSQL_DIR/$i/libmysqlclient.*"
905	for j in `echo $str`; do
906	if test -r $j; then
907	MYSQL_LIB_DIR="$MYSQL_DIR/$i"
908	break 2
909	fi
910	done
911	done
912
913	if test -z "$MYSQL_LIB_DIR"; then
914	for ff in $mysql_directory; do
915	for i in lib lib/mysql; do
916	str="$ff/$i/libmysqlclient.*"
917	for j in `echo $str`; do
918	if test -r $j; then
919	MYSQL_LIB_DIR="$ff/$i"
920	break 3
921	fi
922	done
923	done
924	done
925	fi
926
927	if test -z "$MYSQL_LIB_DIR"; then
928	tmp=""
929	for i in $mysql_directory; do
930	tmp="$i/lib $i/lib/mysql"
931	done
932	FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
933	fi
934
935	AC_MSG_RESULT(yes)
936	LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
937	# CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
938	CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
939	fi
940	AC_DEFINE(WITH_MYSQL)
941	AC_DEFINE(WITH_DATABASE)
942	AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
943	AC_MSG_CHECKING(for zlib)
944	if test "$zlib_cv_libz" = "yes"
945	then
946	LIBS="$LIBS -lz -lm"
947	AC_MSG_RESULT(ok)
948	else
949	AC_MSG_RESULT(failed)
950	echo
951	echo " Either the mysql or the zlib library was not found"
952	echo " or was unusable, maybe because an old, incompatible"
953	echo " version is installed on your system, eg compiled from"
954	echo " source long time ago. See config.log for the error"
955	echo " message from the compiler."
956	echo " Please review your installed mysql and zlib libraries"
957	echo " and/or use --with-libs=-L/path/to/libdirectory"
958	echo " where libdirectory is the directory holding libmysql"
959	echo " or libz."
960	if test x"$enable_static" = xyes; then
961	echo " Note that for compiling a static binary, you need"
962	echo " the static libraries, rather than the shared ones."
963	fi
964	echo
965	AC_MSG_ERROR([libmysql or zlib not found or unuseable])
966	fi
967	AC_CHECK_HEADERS(mysql/mysql.h)
968	elif test "x${withval}" = "xpostgresql"; then
969	AC_DEFINE(WITH_POSTGRES)
970	AC_DEFINE(WITH_DATABASE)
971	#
972	PGCONF="no"
973	MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
974	OLD_IFS="$IFS"
975	IFS=":"
976	for ff in ${MY_PATH}
977	do
978	if test -f "$ff/pg_config"
979	then
980	PGCONF="$ff/pg_config"
981	fi
982	done
983	IFS="${OLD_IFS}"
984	#
985	#
986	if test "x${PGCONF}" = "xno"
987	then
988	AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
989	pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
990	for i in $pgsql_directory; do
991	if test -r $i/include/pgsql/libpq-fe.h; then
992	PGSQL_INC_DIR=$i/include
993	PGSQL_DIR=$i
994	# use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
995	fi
996	done
997	if test -z "$PGSQL_DIR"; then
998	for i in $pgsql_directory; do
999	if test -r $i/include/libpq-fe.h; then
1000	PGSQL_INC_DIR=$i/include
1001	PGSQL_DIR=$i
1002	fi
1003	done
1004	fi
1005
1006	if test -z "$PGSQL_DIR"; then
1007	tmp=""
1008	for i in $pgsql_directory; do
1009	tmp="$tmp $i/include $i/include/pgsql"
1010	done
1011	FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1012	fi
1013
1014	for i in lib lib/pgsql; do
1015	str="$PGSQL_DIR/$i/libpq.*"
1016	for j in `echo $str`; do
1017	if test -r $j; then
1018	PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1019	break 2
1020	fi
1021	done
1022	done
1023
1024	if test -z "$PGSQL_LIB_DIR"; then
1025	for ff in $pgsql_directory; do
1026	for i in lib lib/pgsql; do
1027	str="$ff/$i/libpq.*"
1028	for j in `echo $str`; do
1029	if test -r $j; then
1030	PGSQL_LIB_DIR="$ff/$i"
1031	break 3
1032	fi
1033	done
1034	done
1035	done
1036	fi
1037
1038	if test -z "$PGSQL_LIB_DIR"; then
1039	tmp=""
1040	for i in $pgsql_directory; do
1041	tmp="$i/lib $i/lib/pgsql"
1042	done
1043	FAIL_MESSAGE("postgresql library libpq", $tmp)
1044	fi
1045
1046	AC_MSG_RESULT(yes)
1047
1048	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1049	if test x"$enable_static" = xyes; then
1050	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1051	else
1052	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1053	fi
1054	# CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1055	CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1056	AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1057	else
1058	pg_lib_dir=`${PGCONF} --libdir`
1059	if test x"$enable_static" = xyes; then
1060	LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1061	else
1062	LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1063	fi
1064	pg_inc_dir=`${PGCONF} --includedir`
1065	# CFLAGS="$CFLAGS -I${pg_inc_dir}"
1066	CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1067	fi
1068	elif test "x${withval}" = "xodbc"; then
1069	AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1070	odbc_directory="/usr /usr/local"
1071
1072	for i in $odbc_directory; do
1073	if test -r $i/include/sql.h; then
1074	if test -r $i/include/sqlext.h; then
1075	if test -r $i/include/sqltypes.h; then
1076	ODBC_DIR=$i
1077	ODBC_INC_DIR=$i/include
1078	fi
1079	fi
1080	fi
1081	done
1082
1083	if test -z "$ODBC_DIR"; then
1084	tmp=""
1085	for i in $odbc_directory; do
1086	tmp="$tmp $i/include"
1087	done
1088	FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1089	fi
1090
1091	str="$ODBC_DIR/lib/libodbc.*"
1092	for j in `echo $str`; do
1093	if test -r $j; then
1094	ODBC_LIB_DIR="$ODBC_DIR/lib"
1095	ODBC_LIB="odbc"
1096	fi
1097	done
1098
1099	if test -z "$ODBC_LIB_DIR"; then
1100	FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1101	fi
1102
1103	AC_MSG_RESULT(yes)
1104	CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1105	LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1106	AC_DEFINE(WITH_ODBC)
1107	AC_DEFINE(WITH_DATABASE)
1108
1109	elif test "x${withval}" = "xoracle"; then
1110	AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1111	oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1112	for i in $oracle_directory; do
1113	if test -r $i/rdbms/demo/oci.h; then
1114	ORACLE_DIR=$i
1115	fi
1116	done
1117
1118	if test -z "$ORACLE_DIR"; then
1119	tmp=""
1120	for i in $oracle_directory; do
1121	tmp="$tmp $i/rdbms/demo"
1122	done
1123	FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1124	else
1125	for i in rdbms/demo rdbms/public network/public; do
1126	ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1127	done
1128	ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1129	AC_MSG_RESULT(yes)
1130
1131	CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1132
1133	ORACLE_LIBS="-lclntsh"
1134	if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1135	ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1136	elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1137	ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1138	fi
1139	LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1140	fi
1141	AC_DEFINE(WITH_ORACLE)
1142	AC_DEFINE(WITH_DATABASE)
1143
1144	else
1145	AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1146	fi
1147	]
1148	)
1149
1150	AC_ARG_WITH(console,
1151	[ --with-console=PATH set path to console device [[/dev/console]]],
1152	[
1153	if test "x${withval}" != xno; then
1154	mycons="$withval"
1155	AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1156	fi
1157	])
1158
1159	AC_ARG_WITH(altconsole,
1160	[ --with-altconsole=PATH set path to second console device [[none]]],
1161	[
1162	if test "x${withval}" != xno; then
1163	myaltcons="$withval"
1164	else
1165	myaltcons="NULL"
1166	fi
1167	],
1168	[myaltcons="NULL"])
1169	AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1170
1171	AC_ARG_WITH(timeserver,
1172	[ --with-timeserver=HOST set host address for time server [[none]]],
1173	[
1174	if test "x${withval}" != xno; then
1175	mytimeserv="$withval"
1176	AC_DEFINE(HAVE_NTIME)
1177	else
1178	mytimeserv="NULL"
1179	fi
1180	],
1181	mytimeserv="NULL")
1182	AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1183
1184	AC_ARG_WITH(alttimeserver,
1185	[ --with-alttimeserver=HOST set address for backup time server [[none]]],
1186	[
1187	if test "x${withval}" != xno; then
1188	myalttimeserv="$withval"
1189	AC_DEFINE(HAVE_NTIME)
1190	else
1191	myalttimeserv="NULL"
1192	fi
1193	],
1194	myalttimeserv="NULL")
1195	AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1196
1197	AC_ARG_ENABLE(login-watch,
1198	[ --enable-login-watch watch for login/logout [[no]]],
1199	[
1200	if test "x${enable_login_watch}" = xyes; then
1201	AC_DEFINE(SH_USE_UTMP)
1202	fi
1203	]
1204	)
1205
1206	AC_ARG_ENABLE(mounts-check,
1207	[ --enable-mounts-check check mount options on filesystems [[no]]],
1208	[
1209	if test "x${enable_mounts_check}" = xyes; then
1210	AC_DEFINE(SH_USE_MOUNTS)
1211	fi
1212	]
1213	)
1214
1215	AC_ARG_ENABLE(userfiles,
1216	[ --enable-userfiles check for users' config files [[no]]],
1217	[
1218	if test "x${enableval}" = "xyes"; then
1219	AC_DEFINE(SH_USE_USERFILES)
1220	fi
1221	]
1222	)
1223
1224	AC_ARG_ENABLE(debug,
1225	[ --enable-debug enable debug options [[no]]],
1226	[
1227	if test "x${enable_debug}" = "xyes"; then
1228	if test "x${mydebugflag}" != "xyes"; then
1229	AC_DEFINE(MEM_DEBUG)
1230	fi
1231	AC_DEFINE(WITH_TPT)
1232	AC_DEFINE(SL_DEBUG)
1233	AC_DEFINE(SL_FAIL_ON_ERROR)
1234	if test "x${myneedg3}" = "xyes"; then
1235	mydebugdef="-g3"
1236	else
1237	mydebugdef="-g"
1238	fi
1239	mydebugit="yes"
1240	fi
1241	]
1242	)
1243	AC_SUBST(mydebugdef)
1244
1245	AC_ARG_ENABLE(ptrace,
1246	[ --enable-ptrace use anti-debugger options [[no]]],
1247	[
1248	if test "x${enable_ptrace}" = xyes; then
1249	if test "x$mydebugit" != "xyes"; then
1250	AC_DEFINE(SCREW_IT_UP)
1251	fi
1252	fi
1253	]
1254	)
1255
1256	dnl
1257	if test "x$GCC" = "xyes"; then
1258	if test ! -z "`echo "$CFLAGS" \| grep "\-g\ " 2> /dev/null`" ; then
1259	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
1260	fi
1261
1262	dnl if test ! -z "`echo "$CFLAGS" \| grep "\-O2" 2> /dev/null`" ; then
1263	dnl CFLAGS=`echo $CFLAGS \| sed 's%\-O2%\-O3%' `
1264	dnl fi
1265
1266	if test -z "`echo "$CFLAGS" \| grep "\-Wall" 2> /dev/null`" ; then
1267	CFLAGS="$CFLAGS -Wall -W "
1268	fi
1269
1270	if test -z "`echo "$CFLAGS" \| grep "\-fstrength\-reduce" 2> /dev/null`"
1271	then
1272	if test -z "`echo "$CFLAGS" \| grep "\-fno\-strength\-reduce" 2> /dev/null`"
1273	then
1274	CFLAGS="$CFLAGS -fno-strength-reduce"
1275	fi
1276	fi
1277
1278	if test -z "`echo "$CFLAGS" \| grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1279	then
1280	if test -z "`echo "$CFLAGS" \| grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1281	then
1282	CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1283	fi
1284	fi
1285
1286	fi
1287
1288	AC_MSG_CHECKING([which random module to use])
1289	AC_ARG_WITH(rnd,
1290	[ --with-rnd=[[egd\|unix\|dev\|default]] random number generator [[default]]],
1291	[use_static_rnd=$withval], [use_static_rnd=default] )
1292
1293	if test "$use_static_rnd" = no; then
1294	use_static_rnd=default
1295	fi
1296
1297	case "$use_static_rnd" in
1298	egd \| dev \| unix \| default )
1299	AC_MSG_RESULT($use_static_rnd)
1300	;;
1301	* )
1302	AC_MSG_RESULT([invalid argument])
1303	AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1304	;;
1305	esac
1306
1307	AC_ARG_WITH(egd-socket,
1308	[ --with-egd-socket=NAME EGD socket name],
1309	egd_socket_name="$withval", egd_socket_name="" )
1310	AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1311
1312	dnl
1313	dnl See whether the user wants to disable checking for /dev/random
1314
1315	try_dev_random=yes
1316
1317	case "$use_static_rnd" in
1318	dev \| default )
1319	try_dev_random=yes
1320	;;
1321	egd)
1322	AC_DEFINE(HAVE_EGD_RANDOM)
1323	try_dev_random=no
1324	;;
1325	unix)
1326	AC_DEFINE(HAVE_UNIX_RANDOM)
1327	try_dev_random=no
1328	;;
1329	esac
1330
1331
1332	if test "x$try_dev_random" = "xyes"; then
1333	AC_MSG_CHECKING(whether /dev/random exists)
1334	if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1335	AC_DEFINE(HAVE_URANDOM)
1336	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1337	AC_MSG_RESULT(yes)
1338	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1339	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1340	fi
1341	else
1342	if test -r "/dev/random" && test -c "/dev/random"; then
1343	AC_DEFINE(HAVE_URANDOM)
1344	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1345	AC_MSG_RESULT(yes)
1346	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1347	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1348	fi
1349	else
1350	AC_MSG_RESULT(no)
1351	AC_DEFINE(HAVE_UNIX_RANDOM)
1352	fi
1353	fi
1354	fi
1355
1356
1357	dnl
1358	dnl NETWORK OPTIONS
1359	dnl
1360
1361
1362	AC_ARG_ENABLE(network,
1363	[ --enable-network=[[client\|server]] compile client or server [[no]]],
1364	[
1365	if test "x$enable_network" = xclient; then
1366	mytclient="-DSH_WITH_CLIENT"
1367	yulectl_prg=
1368	setpwd_prg="samhain_setpwd"
1369	sh_main_prg="samhain"
1370	if test "x${sh_have_gmp}" = xyes
1371	then
1372	LIBS="-lgmp $LIBS"
1373	fi
1374	dnl AC_CHECK_HEADER(sys/capability.h,
1375	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1376	dnl [sh_use_lcaps="no"])
1377	elif test "x$enable_network" = xserver; then
1378	mytclient="-DSH_WITH_SERVER"
1379	yulectl_prg="yulectl"
1380	setpwd_prg="samhain_setpwd"
1381	sh_main_prg="yule"
1382	if test "x${sh_have_gmp}" = xyes
1383	then
1384	LIBS="-lgmp $LIBS"
1385	fi
1386	sh_use_lcaps="undef"
1387	elif test "x$enable_network" = xno; then
1388	mytclient="-DSH_STANDALONE"
1389	yulectl_prg=
1390	setpwd_prg=
1391	sh_main_prg="samhain"
1392	dnl AC_CHECK_HEADER(sys/capability.h,
1393	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1394	dnl [sh_use_lcaps="no"])
1395	else
1396	AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1397	fi
1398	],
1399	[
1400	mytclient="-DSH_STANDALONE"
1401	setpwd_prg=
1402	yulectl_prg=
1403	sh_main_prg="samhain"
1404	dnl AC_CHECK_HEADER(sys/capability.h,
1405	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1406	dnl [sh_use_lcaps="no"])
1407	],
1408	)
1409	AC_SUBST(setpwd_prg)
1410	AC_SUBST(yulectl_prg)
1411	AC_SUBST(sh_main_prg)
1412	AC_SUBST(mytclient)
1413
1414	# needed for the rpm spec
1415	clmytclient=`echo ${mytclient} \| sed s%\-%%`
1416	AC_SUBST(clmytclient)
1417
1418	AC_ARG_ENABLE(udp,
1419	[ --enable-udp server can listen on port 514/udp [[no]]],
1420	[
1421	if test "x${enable_udp}" = xyes; then
1422	AC_DEFINE(INET_SYSLOG)
1423	fi
1424	]
1425	)
1426
1427	myencrypt=yes
1428	AC_ARG_ENABLE(encrypt,
1429	[ --disable-encrypt disable client/server encryption],
1430	[
1431	if test "x${enable_encrypt}" = xno; then
1432	myencrypt=no
1433	elif test "x${enable_encrypt}" = "x1"; then
1434	myencrypt=1
1435	fi
1436	]
1437	)
1438	if test "x${myencrypt}" = "xyes"; then
1439	AC_DEFINE(SH_ENCRYPT)
1440	AC_DEFINE(SH_ENCRYPT_2)
1441	elif test "x${myencrypt}" = "x1"; then
1442	AC_DEFINE(SH_ENCRYPT)
1443	fi
1444
1445	sh_use_srp_proto=yes
1446	AC_ARG_ENABLE(srp,
1447	[ --disable-srp disable SRP for authentication],
1448	[
1449	if test "x${enable_srp}" = xno; then
1450	sh_use_srp_proto=no
1451	fi
1452	]
1453	)
1454	if test "x${sh_use_srp_proto}" = xyes; then
1455	AC_DEFINE(USE_SRP_PROTOCOL)
1456	fi
1457
1458	AC_ARG_WITH(port,
1459	[ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1460	[
1461	echo "${withval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1462	AC_MSG_ERROR([--with-port: PORT must be numeric])
1463	myport=${withval}
1464	],
1465	[myport="49777"])
1466	AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1467	AC_SUBST(myport)
1468
1469	AC_ARG_WITH(logserver,
1470	[ --with-logserver=HOST set host address for log server [[none]]],
1471	[
1472	case "$withval" in
1473	. \| localhost)
1474	mylogsrv="$withval"
1475	;;
1476	*)
1477	mylogsrv="$withval"
1478	;;
1479	esac
1480	],
1481	[mylogsrv="NULL"])
1482	AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1483	AC_SUBST(mylogsrv)
1484
1485	AC_ARG_WITH(altlogserver,
1486	[ --with-altlogserver=HOST set address for backup log server [[none]]],
1487	[
1488	case "$withval" in
1489	. \| localhost)
1490	myaltlogsrv="$withval"
1491	;;
1492	*)
1493	myaltlogsrv="$withval"
1494	;;
1495	esac
1496	],
1497	[myaltlogsrv="NULL"])
1498	AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1499
1500
1501
1502	dnl
1503	dnl STEALTH OPTIONS
1504	dnl
1505	nocl_code=
1506	xor_code=0
1507	AC_ARG_ENABLE(nocl,
1508	[ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1509	[
1510	if test "x${enableval}" != "x"; then
1511	AC_DEFINE(SH_STEALTH_NOCL)
1512	fi
1513	if test "x${enableval}" = "xstop" \|\| test "x${enableval}" = "xstart"; then
1514	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1515	fi
1516	if test "x${enableval}" = "xreload" \|\| test "x${enableval}" = "xrestart"; then
1517	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1518	fi
1519	if test "x${enableval}" = "xstatus"; then
1520	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1521	fi
1522	if test "x${enableval}" = "xno"; then
1523	AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1524	fi
1525	nocl_code="${enable_nocl}"
1526	]
1527	)
1528	AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1529	AC_SUBST(nocl_code)
1530	AC_ARG_ENABLE(stealth,
1531	[ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1532	[AC_DEFINE(SH_STEALTH)
1533	if test "x${enableval}" != "xyes"; then
1534	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1535	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1536	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1537	if test x"${enableval}" = x0
1538	then
1539	:
1540	else
1541	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1542	fi
1543	fi
1544	xor_code="${enable_stealth}"
1545	else
1546	xor_code=0
1547	fi
1548	stegin_prg="samhain_stealth"
1549	],
1550	[
1551	stegin_prg=
1552	]
1553	)
1554	AC_ARG_ENABLE(micro-stealth,
1555	[ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1556	[
1557	AC_DEFINE(SH_STEALTH)
1558	AC_DEFINE(SH_STEALTH_MICRO)
1559	if test "x${enableval}" != "xyes"; then
1560	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1561	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1562	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1563	if test x"${enableval}" = x0
1564	then
1565	:
1566	else
1567	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1568	fi
1569	fi
1570	xor_code="${enable_micro_stealth}"
1571	else
1572	xor_code=0
1573	fi
1574	]
1575	)
1576	install_name="samhain"
1577	INSTALL_NAME="SAMHAIN"
1578	AC_ARG_ENABLE(install-name,
1579	[ --enable-install-name=NAME name under which to install [[samhain\|yule]]],
1580	[
1581	if test "x${enableval}" != "xyes"; then
1582	install_name="${enableval}"
1583	INSTALL_NAME=`echo "${enableval}" \| tr [a-z] [A-Z]`
1584	else
1585	install_name="${sh_main_prg}"
1586	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1587	fi
1588	],
1589	[
1590	install_name="${sh_main_prg}"
1591	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1592	]
1593	)
1594
1595
1596	need_user_install=0
1597
1598	AC_ARG_ENABLE(identity,
1599	[ --enable-identity=USER user if dropping root [[daemon]]],
1600	[
1601	if test x"$enableval" = xno; then
1602	myident="daemon"
1603	else
1604	myident="$enableval"
1605	fi
1606	echo "${myident}" \| grep ['[^0123456789]'] >/dev/null 2>&1 \|\| \
1607	AC_MSG_ERROR([--enable-identity: need username, not UID])
1608	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1609	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1610	if test x"${myident_uid}" = x; then
1611	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1612	need_user_install=1
1613	fi
1614	],
1615	[
1616	for myident in ${install_name} daemon nobody; do
1617	AC_MSG_CHECKING(for user ${myident})
1618	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1619	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1620	if test x"${myident_uid}" != x; then
1621	AC_MSG_RESULT(yes)
1622	break;
1623	else
1624	AC_MSG_RESULT(no)
1625	fi
1626	done
1627	if test x"${myident_uid}" = x; then
1628	myident=${install_name}
1629	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1630	need_user_install=1
1631	fi
1632	])
1633	AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1634	AC_SUBST(myident)
1635	AC_SUBST(need_user_install)
1636
1637	sh_insmod_cmd=": # no kernel module"
1638	sh_lkm=""
1639	lkm_inc=""
1640	khidemap="/boot/System.map"
1641	sh_syscalltable="0x0"
1642	AC_ARG_ENABLE(khide,
1643	[ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1644	[
1645	if test "x${enable_khide}" != xno; then
1646	if test "x${enableval}" != "xyes"; then
1647	khidemap="${enableval}"
1648	fi
1649	sh_syscalltable=`egrep '(D\|d\|R\|r) sys_call_table' ${khidemap} \| awk '{print $1}'`
1650	if test x"$sh_syscalltable" = x; then
1651	AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1652	fi
1653	sh_syscalltable="0x${sh_syscalltable}"
1654	install_name_len=`echo ${install_name} \| awk '{ print(length()); }'`
1655	if test "${install_name_len}" -gt 15 ; then
1656	AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1657	fi
1658	AC_DEFINE(SH_USE_LKM)
1659	AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1660
1661	# -- NEW --
1662	kernel_version=`uname -r \| sed s,2.6.*,LINUX26,`
1663	if test x"$kernel_version" = xLINUX26
1664	then
1665	sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} \| awk '{print $1}'`
1666	if test x"$sh_modlist_lock" = x; then
1667	AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1668	fi
1669	sh_modlist_lock="0x${sh_modlist_lock}"
1670	AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1671
1672	sh_list_modules=`egrep 'd modules$' ${khidemap} \| awk '{print $1}'`
1673	if test x"$sh_list_modules" = x; then
1674	AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1675	fi
1676	sh_list_modules="0x${sh_list_modules}"
1677	AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1678
1679	AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1680	sh_insmod_cmd="modprobe ${install_name}_hide"
1681	sh_lkm="samhain_hide.ko"
1682	else
1683	sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1684	sh_lkm="samhain_hide.o samhain_erase.o"
1685	fi
1686	# -- END NEW --
1687
1688	kvers=`uname -r`
1689	if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1690	lkm_inc="-I/lib/modules/${kvers}/build/include"
1691	else
1692	AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1693	AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1694	AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1695	fi
1696	sh_is_vanilla_kernel=yes
1697	if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1698	grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 \|\| sh_is_vanilla_kernel=no
1699	fi
1700	if test x"${sh_is_vanilla_kernel}" = xno; then
1701	echo "This is not a 2.4 vanilla kernel"
1702	else
1703	AC_DEFINE(SH_VANILLA_KERNEL)
1704	fi
1705	fi
1706	]
1707	)
1708	AC_SUBST(lkm_inc)
1709	AC_SUBST(sh_lkm)
1710	AC_SUBST(sh_insmod_cmd)
1711	AC_SUBST(install_name)
1712	AC_SUBST(INSTALL_NAME)
1713	AC_SUBST(stegin_prg)
1714	AC_SUBST(xor_code)
1715
1716	AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1717	AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1718
1719
1720	exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1721	exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1722	exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1723
1724	AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1725	AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1726	AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1727
1728
1729	AC_ARG_ENABLE(suidcheck,
1730	[ --enable-suidcheck check for suid/sgid files [[no]]],
1731	[
1732	if test "x${enableval}" = "xyes"; then
1733	AC_DEFINE(SH_USE_SUIDCHK)
1734	fi
1735	]
1736	)
1737
1738
1739	systemmap="/boot/System.map"
1740	sh_libkvm=""
1741	AC_ARG_WITH(kcheck,
1742	[ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1743	[
1744	if test "x${withval}" != "xno"; then
1745	AC_DEFINE(SH_USE_KERN)
1746	kernelversion=`uname -r`
1747	AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1748	if test "x${withval}" != "xyes"; then
1749	systemmap="${withval}"
1750	fi
1751	if test "x${cross_compiling}" = xyes; then
1752	:
1753	elif test "x$selectconfig" = "xfreebsd"; then
1754	LIBS="$LIBS -lkvm"
1755	sh_libkvm="-lkvm"
1756	elif test -f "${systemmap}"; then
1757	:
1758	else
1759	AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1760	fi
1761	fi
1762	]
1763	)
1764	AC_SUBST(systemmap)
1765	AC_SUBST(sh_libkvm)
1766
1767	AC_ARG_ENABLE(base,
1768	[ --enable-base=B1,B2 base key (0...2147483647)],
1769	[
1770	AC_MSG_CHECKING(base key setting)
1771	my_key_A=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $1}'`
1772	my_key_B=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $2}'`
1773	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1774	if test "x${my_key_A}" = x; then
1775	AC_MSG_ERROR([--enable-base: first base key has zero length])
1776	fi
1777	if test "x${my_key_B}" = x; then
1778	AC_MSG_ERROR([--enable-base: second base key has zero length])
1779	fi
1780	echo "${my_key_A}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1781	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1782	echo "${my_key_B}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1783	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1784	],
1785	[
1786	AC_MSG_CHECKING(base key setting .. collecting entropy)
1787	my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1788	my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1789	my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1790	my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1791	my_key_A=`expr $my_key_1 \* 32767`
1792	my_key_A=`echo ${my_key_A} \| sed 's%^0*%%g' 2>/dev/null`
1793	my_key_A=`expr $my_key_A \+ $my_key_2`
1794	my_key_B=`expr $my_key_3 \* 32767`
1795	my_key_B=`echo ${my_key_B} \| sed 's%^0*%%g' 2>/dev/null`
1796	my_key_B=`expr $my_key_B \+ $my_key_4`
1797	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1798	]
1799	)
1800	AC_SUBST(my_key_A)
1801	AC_SUBST(my_key_B)
1802
1803	dnl low bytes
1804	my_key_1=`expr $my_key_A \% 65536`
1805	dnl high bytes
1806	my_key_2=`expr $my_key_A \/ 65536`
1807	dnl low bytes
1808	my_key_3=`expr $my_key_B \% 65536`
1809	dnl high bytes
1810	my_key_4=`expr $my_key_B \/ 65536`
1811
1812	dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1813
1814	dnl touch ./sh_MK.h
1815	dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1816	dnl echo "#define SH_MK_H" >> ./sh_MK.h
1817	dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1818	dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1819	dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1820	dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1821	dnl echo "#endif" >> ./sh_MK.h
1822	AC_SUBST(my_key_1)
1823	AC_SUBST(my_key_2)
1824	AC_SUBST(my_key_3)
1825	AC_SUBST(my_key_4)
1826
1827	AC_MSG_CHECKING(key position)
1828	pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1829	pos_tf_2=`expr $pos_tf_1 \% 8`
1830	pos_tf=`expr $pos_tf_2 + 1`
1831	AC_MSG_RESULT(${pos_tf})
1832	AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1833
1834	mykeybase=`echo ${my_key_A},${my_key_B}`
1835	AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1836	AC_SUBST(mykeybase)
1837
1838
1839	dnl
1840	dnl GPG/PGP options
1841	dnl
1842
1843	AC_ARG_WITH(gpg,
1844	[ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1845	[
1846	if test "x${withval}" != "xno"; then
1847	if test "x${cross_compiling}" = xyes; then
1848	mygpg="${withval}"
1849	else
1850	if test -f "${withval}"; then
1851	mygpg="${withval}"
1852	mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1853	if test "x$?" != "x0"; then
1854	mychktest=no
1855	for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1856	if test x"${mychktest}" = xyes
1857	then
1858	:
1859	else
1860	if test -f ${sampre}
1861	then
1862	echo "use existing ${sampre} for gpg checksum"
1863	mychk0=`${sampre} -H ${withval} 2>/dev/null`
1864	if test "x$?" != "x0"; then
1865	:
1866	else
1867	mychk="${mychk0}"
1868	mychktest=yes
1869	fi
1870	fi
1871	fi
1872	done
1873	if test x${mychktest} = xno; then
1874	AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1875	echo "-------------------------------------------------------------"
1876	echo " Your gpg binary does not support the TIGER192 checksum, "
1877	echo " and I cannot find an existing samhain binary to use instead."
1878	echo " You can:"
1879	echo " (a) run make to compile a samhain binary, then repeat"
1880	echo " ./configure and make"
1881	echo " (b) ignore the failure. The checksum of the gpg binary"
1882	echo " will not get compiled in, thus allowing an attacker"
1883	echo " to replace gpg with a trojan and subverting the gpg"
1884	echo " signature verification of configure and database files."
1885	echo "-------------------------------------------------------------"
1886	fi
1887	else
1888	mychk="${mychk0}"
1889	fi
1890	else
1891	AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1892	fi
1893	fi
1894	AC_DEFINE(WITH_GPG)
1895	AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1896	AC_SUBST(mygpg)
1897	fi
1898	]
1899	)
1900
1901	dnl AC_ARG_WITH(pgp,
1902	dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1903	dnl [myppg="$withval"
1904	dnl AC_DEFINE(WITH_PGP)
1905	dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1906	dnl ])
1907
1908	AC_ARG_WITH(checksum,
1909	[ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1910	[
1911	if test "x${withval}" != "xno"; then
1912	if test "x${withval}" != "xyes"; then
1913	if test "x${mychk}" != "x"; then
1914	if test "x${mychk}" != "x${withval}"; then
1915	AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1916	AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1917	AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1918	fi
1919	fi
1920	mychk="${withval}"
1921	else
1922	if test "x${mychk}" = "x"; then
1923	AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1924	fi
1925	fi
1926	AC_DEFINE(HAVE_GPG_CHECKSUM)
1927	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1928	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1929	fi
1930	],
1931	[
1932	if test "x${mygpg}" != "x"; then
1933	if test "x${mychk}" != "x"; then
1934	AC_DEFINE(HAVE_GPG_CHECKSUM)
1935	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1936	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1937	fi
1938	fi
1939	]
1940	)
1941
1942	AC_ARG_WITH(fp,
1943	[ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1944	[
1945	if test "x${withval}" != "xno"; then
1946	if test "x${withval}" != "xyes"; then
1947	withval0=`echo ${withval} \| sed 's% %%g'`
1948	echo "${withval0}" \| \
1949	grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1950	AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1951	sh_len=`echo ${withval0} \| wc -c \| sed 's% %%g'`
1952	sh_len0=`expr ${sh_len} \- 1`
1953	if test "x${sh_len0}" = "x40" \|\| test "x${sh_len0}" = "x32"
1954	then
1955	myfp="${withval0}"
1956	AC_DEFINE(USE_FINGERPRINT)
1957	AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1958	echo "${myfp}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1959	else
1960	AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1961	fi
1962	else
1963	AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1964	fi
1965	fi
1966	])
1967
1968
1969	dnl
1970	dnl MAIL OPTIONS
1971	dnl
1972
1973	AC_ARG_WITH(recipient,
1974	[ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1975	[
1976	withval0=`echo ${withval} \| sed 's%,% %g'`
1977	for sh_item in ${withval0}
1978	do
1979	case ${sh_item} in
1980	*@localhost)
1981	;;
1982	@.*)
1983	sh_tmp=`echo ${sh_item} \| awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+\|[0-9]+)$/]) {print 1; } else { print 0}}'`
1984	if test "x${sh_tmp}" != "x1"
1985	then
1986	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1987	fi
1988	;;
1989	*)
1990	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1991	;;
1992	esac
1993	done
1994	myrcp="$withval0"
1995	],
1996	[myrcp="NULL"])
1997	AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
1998
1999
2000	AC_ARG_WITH(sender,
2001	[ --with-sender=SENDER set sender for e-mail [[daemon]]],
2002	[
2003	mysender="${withval}"
2004	],
2005	[
2006	mysender="daemon"
2007	])
2008	AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2009
2010
2011	dnl
2012	dnl PATHS
2013	dnl
2014
2015	AC_ARG_WITH(trusted,
2016	[ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2017	[
2018	sh_tmp_test=no
2019	sh_tmp=`echo ${withval} \| sed 's%,% %g'`
2020	for sh_tmp1 in ${sh_tmp}
2021	do
2022	echo "${sh_tmp1}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2023	AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2024	if test "x${sh_tmp1}" = "x0"
2025	then
2026	sh_tmp_test=yes
2027	fi
2028	done
2029	if test "x${sh_tmp_test}" = "xno"
2030	then
2031	withval="0,${withval}"
2032	fi
2033	mytrust="${withval}"
2034	],
2035	[mytrust="0"] )
2036	AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2037	AC_SUBST(mytrust)
2038
2039	AC_ARG_WITH(tmp-dir,
2040	[ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2041	[
2042	if test "x${cross_compiling}" = xyes; then
2043	:
2044	else
2045	if test -d "${withval}"; then
2046	my_tmp_dir="$withval"
2047	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2048	else
2049	AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2050	fi
2051	fi
2052	]
2053	)
2054
2055	dnl
2056	dnl PATH DEFAULTS
2057	dnl
2058
2059	if test "x${ac_prefix_set}" = xyes
2060	then
2061	if test "x${exec_prefix}" = xNONE
2062	then
2063	exec_prefix="${prefix}"
2064	fi
2065
2066	if test "x${prefix}" = xOPT
2067	then
2068	tmp_sbindir="/opt/${install_name}/bin"
2069	tmp_sysconfdir="/etc/opt"
2070	tmp_mandir="/opt/${install_name}/man"
2071	tmp_localstatedir="/var/opt/${install_name}"
2072	elif test "x${prefix}" = xUSR
2073	then
2074	tmp_sbindir="/usr/sbin"
2075	tmp_sysconfdir="/etc"
2076	tmp_mandir="/usr/share/man"
2077	tmp_localstatedir="/var"
2078	else
2079	tmp_sbindir=`eval echo ${sbindir}`
2080	tmp_sysconfdir=`eval echo ${sysconfdir}`
2081	tmp_mandir=`eval echo ${mandir}`
2082	tmp_localstatedir=`eval echo ${localstatedir}`
2083	fi
2084	else
2085	prefix=""
2086	if test "x${ac_exec_prefix_set}" = xyes
2087	then
2088	tmp_sbindir=`eval echo ${sbindir}`
2089	else
2090	tmp_sbindir="/usr/local/sbin"
2091	fi
2092	tmp_sysconfdir="/etc"
2093	# share/man -> man (FHS) 11.10.2002
2094	tmp_mandir="/usr/local/man"
2095	tmp_localstatedir="/var"
2096	fi
2097
2098
2099	if test "x${ac_sbindir_set}" = xyes
2100	then
2101	:
2102	else
2103	sbindir=`eval echo ${tmp_sbindir}`
2104	fi
2105
2106
2107	if test "x${ac_sysconfdir_set}" = xyes
2108	then
2109	:
2110	else
2111	sysconfdir=`eval echo ${tmp_sysconfdir}`
2112	fi
2113
2114	if test "x${ac_mandir_set}" = xyes
2115	then
2116	:
2117	else
2118	mandir=`eval echo ${tmp_mandir}`
2119	fi
2120
2121	if test "x${ac_localstatedir_set}" = xyes
2122	then
2123	:
2124	else
2125	localstatedir=`eval echo ${tmp_localstatedir}`
2126	fi
2127
2128
2129
2130	AC_ARG_WITH(config-file,
2131	[ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2132	[
2133	myconffile="${withval}"
2134	changequote(<<, >>)dnl
2135	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2136	sysconfdir=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2137	myrpmconffile="${tmp}"
2138	changequote([, ])dnl
2139	],
2140	[
2141	myconffile="${sysconfdir}/${install_name}rc"
2142	myrpmconffile="${myconffile}"
2143	]
2144	)
2145	AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2146	AC_SUBST(myconffile)
2147	AC_SUBST(myrpmconffile)
2148
2149	AC_ARG_WITH(log-file,
2150	[ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2151	[
2152	mylogfile="$withval"
2153	changequote(<<, >>)dnl
2154	mylogdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2155	changequote([, ])dnl
2156	],
2157	[
2158	if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2159	mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2160	mylogdir="${localstatedir}/log/${install_name}"
2161	else
2162	mylogfile="${localstatedir}/log/${install_name}_log"
2163	mylogdir="${localstatedir}/log"
2164	fi
2165	]
2166	)
2167	AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2168	AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2169	AC_SUBST(mylogfile)
2170	AC_SUBST(mylogdir)
2171
2172	AC_ARG_WITH(pid-file,
2173	[ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2174	[
2175	mylockfile="$withval"
2176	changequote(<<, >>)dnl
2177	mylockdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2178	changequote([, ])dnl
2179	],
2180	[
2181	mylockfile="${localstatedir}/run/${install_name}.pid"
2182	mylockdir="${localstatedir}/run"
2183	]
2184	)
2185	AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2186	AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2187	AC_SUBST(mylockfile)
2188	AC_SUBST(mylockdir)
2189
2190	AC_ARG_WITH(state-dir,
2191	[ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2192	[
2193	mydataroot="$withval"
2194	],
2195	[
2196	mydataroot="${localstatedir}/lib/${install_name}"
2197	]
2198	)
2199	AC_ARG_WITH(data-file,
2200	[ --with-data-file=FILE set path of data file],
2201	[
2202	mydatafile="$withval"
2203	changequote(<<, >>)dnl
2204	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2205	mydataroot=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2206	myrpmdatafile="${tmp}"
2207	changequote([, ])dnl
2208	if test x"${tmp}" = x
2209	then
2210	echo "No local path in data file ${withval}"
2211	echo "This will not work for initializing the database."
2212	if test x"${withval}" = xREQ_FROM_SERVER
2213	then
2214	echo "It should be REQ_FROM_SERVER/some/local/path"
2215	fi
2216	AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2217	fi
2218	],
2219	[
2220	mydatafile="${mydataroot}/${install_name}_file"
2221	myrpmdatafile="${mydatafile}"
2222	])
2223	AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2224	AC_SUBST(mydatafile)
2225	AC_SUBST(myrpmdatafile)
2226
2227	AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2228	AC_SUBST(mydataroot)
2229
2230	AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2231	AC_SUBST(myqdir)
2232
2233
2234	AC_ARG_WITH(html-file,
2235	[ --with-html-file=FILE set path of html file,],
2236	[
2237	myhtmlfile="$withval"
2238	],
2239	[
2240	myhtmlfile="${mylogdir}/${install_name}.html"
2241	])
2242	AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2243	AC_SUBST(myhtmlfile)
2244
2245
2246	mydefargs=$ac_configure_args
2247	# if test -z "`echo "$mydefargs" \| grep "\-\-enable\-static" 2> /dev/null`"
2248	# then
2249	# mydefargs="--enable-static $mydefargs"
2250	# fi
2251	if test -z "`echo "$mydefargs" \| grep "\-\-enable\-base" 2> /dev/null`"
2252	then
2253	mydefargs="--enable-base=${mykeybase} $mydefargs"
2254	fi
2255	AC_SUBST(mydefargs)
2256
2257
2258	AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2259	AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2260	AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2261
2262	AC_CONFIG_HEADER(config.h)
2263
2264	AC_OUTPUT(
2265	[
2266	Makefile
2267	samhain-install.sh
2268	init/samhain.startLSB
2269	init/samhain.startLinux
2270	init/samhain.startGentoo
2271	init/samhain.startFreeBSD
2272	init/samhain.startSolaris
2273	init/samhain.startHPUX
2274	init/samhain.startIRIX
2275	samhain.spec
2276	rules.deb
2277	rules.deb-light
2278	hp_ux.psf
2279	scripts/samhain.spec
2280	scripts/redhat_i386.client.spec
2281	scripts/samhain.ebuild
2282	scripts/samhain.ebuild-light
2283	scripts/samhainadmin.pl
2284	scripts/check_samhain.pl
2285	deploy.sh
2286	],
2287	[
2288	echo timestamp > stamp-h
2289	chmod +x samhain-install.sh
2290	chmod +x scripts/samhainadmin.pl
2291	chmod +x scripts/check_samhain.pl
2292	]
2293	)
2294
2295	chmod +x deploy.sh
2296
2297	if test "x${cross_compiling}" = xyes
2298	then
2299
2300	echo "--------------------------------------------------------------"
2301	echo
2302	echo "You are using a cross-compiler. The following system dependent"
2303	echo "values may have been set to default values that may be"
2304	echo "incorrect for your target system: "
2305	echo
2306	echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2307	echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2308	echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2309	echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2310	echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2311	echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2312	echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2313	echo
2314	echo "If these values are incorrect, change them in the file "
2315	echo "config.cache and run configure again."
2316	echo
2317	echo "--------------------------------------------------------------"
2318
2319	fi
2320
2321	if test x${silent} != xyes
2322	then
2323
2324	# A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2325	# B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2326	# C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2327	# D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2328	# E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2329	# F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2330
2331	echo
2332	echo " samhain has been configured as follows:"
2333	echo " System binaries: ${sbindir}"
2334	echo " Configuration file: ${myconffile}"
2335	echo " Manual pages: ${mandir}"
2336	echo " Data: ${mydataroot}"
2337	echo " PID file: ${mylockfile}"
2338	echo " Log file: ${mylogfile}"
2339	echo " Base key: ${mykeybase}"
2340	echo
2341	if test x"$mytclient" = x"-DSH_WITH_SERVER"
2342	then
2343	echo " Selected rc file: yulerc"
2344	else
2345	echo " Selected rc file: samhainrc.${selectconfig}"
2346	fi
2347
2348	fi
2349

Note: See TracBrowser for help on using the repository browser.

Download in other formats: