Context Navigation

source: trunk/configure.ac@ 444

Last change on this file since 444 was 444, checked in by katerina, 11 years ago
Support for sha2-256 checksum (ticket #348).
File size: 79.5 KB

Line
1	dnl We want to override the standard _AC_INIT_PARSE_ARGS
2	dnl
3	AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4	AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
5
6	AC_INIT(src/samhain.c)
7
8
9	AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
10
11	dnl
12	dnl start
13	dnl
14	AM_INIT_AUTOMAKE(samhain, 3.1.0)
15	AC_DEFINE([SAMHAIN], 1, [Application is samhain])
16	AC_CANONICAL_HOST
17
18	dnl
19	dnl checks for programs
20	dnl
21
22	AC_PROG_CC
23	if test "$host" != "$build"; then
24	AC_CHECK_PROGS(BUILD_CC, gcc cc)
25	else
26	BUILD_CC=$CC
27	fi
28	AC_PROG_CPP
29	AC_PROG_INSTALL
30	AC_PROG_LN_S
31	AC_PROG_AWK
32	SH_PROG_LD
33	AC_PATH_PROG(cmd_hostname,hostname)
34	AC_SUBST(cmd_hostname)
35	AC_SUBST(BUILD_CC)
36
37	if test "x$GCC" = "xyes"; then
38	SH_GCC_VERSION
39	fi
40
41	AC_HEADER_STDC
42	dnl
43	dnl first one is a dummy because of an autoconf bug
44	dnl (no HAVE_... for first one)
45	dnl
46	AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
47
48
49	AC_MSG_CHECKING([for OS specific issues])
50	mydebugflag=no
51	myneedg3=no
52	uid_cast="signed long"
53	selectconfig=linux
54	mynetbsd=no
55	sh_use_lcaps="undef"
56	dnmalloc_ok=yes
57	sh_use_pie=yes
58
59	case "$host_os" in
60
61	linux)
62	sh_use_lcaps="yes"
63	AC_DEFINE(HOST_IS_LINUX)
64	AC_DEFINE(HAVE_EXT2_IOCTLS)
65	AC_MSG_RESULT([use ioctl to get e2fs flags])
66	case "$host_cpu" in
67	i86)
68	AC_DEFINE(HOST_IS_I86LINUX)
69	;;
70	x86_64)
71	AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
72	;;
73	*)
74	;;
75	esac
76	;;
77
78	osf)
79	AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
80	if test "x$GCC" != "xyes"; then
81	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
82	CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
83	myneedg3=yes
84	AC_MSG_RESULT([compiler needs assume noaligned_objects])
85	else
86	AC_MSG_RESULT([none])
87	fi
88	;;
89
90	cygwin)
91	AC_DEFINE(HOST_IS_CYGWIN)
92	AC_DEFINE([USE_REGISTRY_CHECK], 1, [Define for registry check])
93	dnmalloc_ok=no
94	AC_MSG_RESULT([no trusted paths and no dnmalloc])
95	;;
96
97	darwin\|apple)
98	AC_DEFINE(HOST_IS_DARWIN)
99	dnmalloc_ok=no
100	AC_MSG_RESULT([check resource forks, no dnmalloc])
101	;;
102
103	freebsd8\|freebsd9)
104	AC_DEFINE(HOST_IS_FREEBSD)
105	selectconfig=freebsd
106	case "$host_cpu" in
107	amd64\|x86_64)
108	dnmalloc_ok=no
109	AC_MSG_RESULT([no dnmalloc])
110	;;
111	*)
112	AC_MSG_RESULT([none])
113	;;
114	esac
115	;;
116
117	freebsd7)
118	AC_DEFINE(HOST_IS_FREEBSD)
119	selectconfig=freebsd
120	case "$host_cpu" in
121	amd64\|x86_64)
122	sh_use_pie=no
123	dnmalloc_ok=no
124	AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
125	;;
126	*)
127	AC_MSG_RESULT([none])
128	;;
129	esac
130	;;
131
132	freebsd)
133	AC_DEFINE(HOST_IS_FREEBSD)
134	selectconfig=freebsd
135	AC_MSG_RESULT([none])
136	;;
137
138	openbsd)
139	AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
140	selectconfig=freebsd
141	dnmalloc_ok=no
142	AC_MSG_RESULT([dnmalloc does not work with pthreads])
143	;;
144
145	netbsd)
146	mynetbsd=yes
147	selectconfig=netbsd
148	AC_MSG_RESULT([bug with libresolve])
149	;;
150
151	solaris)
152	selectconfig=solaris
153	AC_DEFINE(HOST_IS_SOLARIS)
154	case "$host_cpu" in
155	i*86)
156	AC_DEFINE(HOST_IS_I86SOLARIS)
157	AC_MSG_RESULT([vsnprintf prototype])
158	;;
159	*)
160	AC_MSG_RESULT([none])
161	;;
162	esac
163	if test "x$GCC" != "xyes"; then
164	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
165	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
166	fi
167	if test -z "`echo "$CFLAGS" \| grep "\-xO2" 2> /dev/null`"; then
168	CFLAGS="$CFLAGS -xO2"
169	fi
170	if test -z "`echo "$CFLAGS" \| grep "\-Xa" 2> /dev/null`"; then
171	CFLAGS="$CFLAGS -Xa"
172	fi
173	LIBS="-lc $LIBS"
174	fi
175	;;
176
177
178	sun)
179	selectconfig=solaris
180	AC_DEFINE(HOST_IS_SOLARIS)
181	AC_MSG_RESULT([none])
182	;;
183
184	aix)
185	AC_DEFINE(HOST_IS_AIX)
186	selectconfig=aix5.2.0
187	uid_cast="unsigned long"
188	if test "x$GCC" != "xyes"; then
189	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
190	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
191	fi
192	if test -z "`echo "$CFLAGS" \| grep "\-O3" 2> /dev/null`"; then
193	CFLAGS="$CFLAGS -O3"
194	fi
195	if test -z "`echo "$CFLAGS" \| grep "\-qstrict" 2> /dev/null`"; then
196	CFLAGS="$CFLAGS -qstrict"
197	fi
198	AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
199	else
200	AC_MSG_RESULT([AIX size_t in the accept call])
201	fi
202	;;
203
204	hpux)
205	AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
206	AC_DEFINE(HOST_IS_HPUX)
207	if test "x$GCC" != "xyes"; then
208	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
209	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
210	fi
211	if test -z "`echo "$CFLAGS" \| grep "\+O2" 2> /dev/null`"; then
212	CFLAGS="$CFLAGS +O2"
213	fi
214	fi
215	;;
216
217	ultrix)
218	AC_MSG_RESULT([ULTRIX getcwd uses popen])
219	AC_DEFINE(HAVE_BROKEN_GETCWD)
220	;;
221
222	*)
223	AC_MSG_RESULT([none])
224	;;
225	esac
226
227	AC_SUBST(selectconfig)
228	AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
229
230
231
232	dnl *****************************************
233	dnl
234	dnl checks for header files
235	dnl
236	dnl *****************************************
237
238	AC_HEADER_DIRENT
239	AC_HEADER_MAJOR
240	AC_HEADER_TIME
241	dnl used in minilzo.c
242	AC_HEADER_STAT
243	AC_DECL_SYS_SIGLIST
244
245	AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
246	sys/mman.h sys/param.h sys/inotify.h \
247	sys/vfs.h mntent.h \
248	sys/select.h sys/socket.h netinet/in.h \
249	regex.h glob.h fnmatch.h \
250	linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
251	elf.h linux/elf.h auparse.h \
252	paths.h arpa/nameser.h arpa/nameser_compat.h \
253	rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
254	[],
255	[],
256	[#include <sys/types.h>]
257	)
258
259
260	AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
261	if test "x$sh_utmpx" = "xyes"; then
262	AC_DEFINE(HAVE_UTMPX_H)
263	AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
264	AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
265	AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) )
266	AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
267	AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
268	else
269	AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
270	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
271	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
272	fi
273
274	dnl
275	dnl figure out where acct.h lives
276	dnl and whether fields are int/comp_t
277	dnl
278	dnl GNU Accounting Utilities
279	dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
280	dnl The GNU Accounting Utilities are free software; you can redistribute
281	dnl them and/or modify them under the terms of the GNU General Public
282	dnl License as published by the Free Software Foundation; either version
283	dnl 2, or (at your option) any later version.
284	dnl
285	AC_CHECK_HEADER(sys/acct.h,
286	AC_DEFINE(HAVE_SYS_ACCT_H, ,
287	[Define if you have the <sys/acct.h> header file.])
288	AC_HEADER_EGREP(ac_utime, sys/acct.h,
289	AC_DEFINE(HAVE_ACUTIME, ,
290	[Define if <sys/acct.h> has the AC_UTIME field.])
291	AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
292	AC_DEFINE(ACUTIME_COMPT, ,
293	[Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
294	)
295	AC_HEADER_EGREP(ac_stime, sys/acct.h,
296	AC_DEFINE(HAVE_ACSTIME, ,
297	[Define if <sys/acct.h> has the AC_STIME field.])
298	AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
299	AC_DEFINE(ACSTIME_COMPT, ,
300	[Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
301	)
302	AC_HEADER_EGREP(ac_etime, sys/acct.h,
303	AC_DEFINE(HAVE_ACETIME, ,
304	[Define if <sys/acct.h> has the AC_ETIME field.])
305	AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
306	AC_DEFINE(ACETIME_COMPT, ,
307	[Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
308	)
309	AC_HEADER_EGREP(ac_io, sys/acct.h,
310	AC_DEFINE(HAVE_ACIO, ,
311	[Define if <sys/acct.h> has the AC_IO field.])
312	AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
313	AC_DEFINE(ACIO_COMPT, ,
314	[Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
315	)
316	AC_HEADER_EGREP(ac_mem, sys/acct.h,
317	AC_DEFINE(HAVE_ACMEM, ,
318	[Define if <sys/acct.h> has the AC_MEM field.])
319	AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
320	AC_DEFINE(ACMEM_COMPT, ,
321	[Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
322	)
323	AC_HEADER_EGREP(ac_minflt, sys/acct.h,
324	AC_HEADER_EGREP(ac_majflt, sys/acct.h,
325	AC_HEADER_EGREP(ac_swaps, sys/acct.h,
326	AC_DEFINE(HAVE_PAGING, ,
327	[Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
328	AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
329	AC_DEFINE(ACMINFLT_COMPT, ,
330	[Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
331	AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
332	AC_DEFINE(ACMAJFLT_COMPT, ,
333	[Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
334	AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
335	AC_DEFINE(ACSWAPS_COMPT, ,
336	[Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
337	)
338	)
339	)
340	AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
341	[Define if <sys/acct.h> uses the COMP_T type.]))
342	AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
343	[Define if <sys/acct.h> has struct acct_v3.]))
344	AC_HEADER_EGREP([struct acctv2], sys/acct.h, AC_DEFINE(HAVE_ACCTV2, ,
345	[Define if <sys/acct.h> has struct acctv2.]))
346
347	)
348
349
350	dnl need to check because AIX 4.2 does not have it
351	dnl
352	AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
353	#ifdef HAVE_SYS_TYPES_H
354	#include <sys/types.h>
355	#endif
356	#ifdef HAVE_SYS_STAT_H
357	#include <sys/stat.h>
358	#endif
359	#ifdef HAVE_SYS_VFS_H
360	#include <sys/vfs.h>
361	#endif
362	#ifdef HAVE_UNISTD_H
363	#include <unistd.h>
364	#endif
365	])
366
367	AC_SYS_LARGEFILE
368
369	dnl
370	dnl check whether _POSIX_SOURCE is required
371	dnl
372	SAMHAIN_POSIX
373
374
375	dnl *****************************************
376	dnl
377	dnl Checks for library functions.
378	dnl
379	dnl *****************************************
380	AC_FUNC_STRFTIME
381	AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
382	gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
383	seteuid setreuid setresuid lstat getwd getcwd ptrace \
384	usleep setpriority getpeereid nanosleep \
385	strptime basename sched_yield hasmntopt \
386	inet_aton gethostbyname setutent setrlimit gethostname uname \
387	getaddrinfo getnameinfo \
388	initgroups getpagesize \
389	ttyname fchmod writev mmap tzset \
390	getsid getpriority getpgid statvfs \
391	strerror_r getgrgid_r getpwnam_r getpwuid_r \
392	gmtime_r localtime_r rand_r readdir_r strtok_r \
393	mincore posix_fadvise inotify_init1
394	)
395	AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
396	SL_CHECK_VA_COPY
397	AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
398	AC_CHECK_MLOCK
399	SH_STRFTIME_Z
400
401	AC_MSG_CHECKING(how to get filesystem type)
402	fstype=no
403	# The order of these tests is important.
404	AC_TRY_CPP([#include <sys/statvfs.h>
405	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
406	if test $fstype = no; then
407	AC_TRY_CPP([#include <sys/statfs.h>
408	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
409	fi
410	if test $fstype = no; then
411	AC_TRY_CPP([#include <sys/statfs.h>
412	#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
413	fi
414	if test $fstype = no; then
415	AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
416	fi
417	if test $fstype = no; then
418	AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
419	fi
420	if test $fstype = no; then
421	AC_TRY_CPP([#include <sys/mount.h>
422	#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
423	fi
424	AC_MSG_RESULT($fstype)
425
426	sh_libsocket=
427
428	dnl Solaris needs -lsocket and -lnsl. Unisys system includes
429	dnl gethostbyname in libsocket but needs libnsl for socket.
430	AC_CHECK_LIB(nsl, gethostbyname)
431	AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
432	if test x$ac_need_libsocket = x1; then
433	LIBS="$LIBS -lsocket"
434	sh_libsocket="-lsocket"
435	fi
436	if test x$ac_try_nsl = x1; then
437	AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
438	if test x$ac_need_libnsl = x1
439	then
440	LIBS="$LIBS -lnsl"
441	fi
442	fi
443	AC_SUBST(sh_libsocket)
444
445	AC_CHECK_LIB(socket, res_search, [
446	AC_CHECK_LIB(resolv, dn_skipname)
447	AC_CHECK_LIB(resolv, __dn_skipname)
448	if test x$ac_need_libsocket = x1; then
449	:
450	else
451	LIBS="$LIBS -lsocket"
452	fi
453	], [
454	AC_CHECK_LIB(resolv, res_search, [
455	LIBS="$LIBS -lresolv"
456	], [
457	AC_CHECK_LIB(resolv, dn_skipname)
458	AC_CHECK_LIB(resolv, __dn_skipname)
459	])
460	])
461
462	sh_auparse=no
463
464	if test "x$ac_cv_header_auparse_h" = "xyes"
465	then
466	AC_CHECK_LIB(auparse, auparse_find_field, [
467	LIBS="$LIBS -lauparse"
468	sh_auparse=yes
469	AC_DEFINE(HAVE_AUPARSE_LIB, 1, [Define if you have the auparse lib])
470	])
471	fi
472
473	dnl arguments for accept
474
475	dnl check for Unix98 socklen_t (found on
476	dnl xemacs-patches mailing list, written
477	dnl by Martin Buchholz)
478	dnl
479	dnl On Darwin(MacOSX) socklen_t needs to be
480	dnl an int (see accept man page), on all other
481	dnl unix systems we need a size_t.
482
483	AC_MSG_CHECKING(for socklen_t)
484	AC_TRY_COMPILE([
485	#ifdef HAVE_SYS_TYPES_H
486	#include <sys/types.h>
487	#endif
488	#ifdef HAVE_SYS_SOCKET_H
489	#include <sys/socket.h>
490	#endif
491	socklen_t x;
492	], [],[
493	AC_MSG_RESULT(yes)
494	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
495	AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
496	],[
497	AC_TRY_COMPILE([
498	#ifdef HAVE_SYS_TYPES_H
499	#include <sys/types.h>
500	#endif
501	#ifdef HAVE_SYS_SOCKET_H
502	#include <sys/socket.h>
503	#endif
504	int accept (int, struct sockaddr , size_t );
505	],[],[
506	AC_MSG_RESULT(size_t)
507	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
508	], [
509	AC_MSG_RESULT(int)
510	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
511	]
512	)
513	])
514
515	dnl *****************************************
516	dnl checks for extended attribute or ACL
517	dnl support
518	dnl *****************************************
519
520	sh_CHECK_XATTR
521	sh_CHECK_POSIX_ACL
522
523	dnl *****************************************
524	dnl checks for typedefs
525	dnl *****************************************
526
527	AC_C_LONG_DOUBLE
528	SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
529	SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
530	SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
531	if test "$sh_HAVE_LONG_LONG" = "yes"; then
532	AC_CHECK_SIZEOF(unsigned long long, 4)
533	sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" \| sed 's%[^0-9]%%g'`
534	if test "$sh_sizeof_unsigned_long_long" = "8"; then
535	AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
536	fi
537	fi
538
539	AC_CHECK_TYPE(ptrdiff_t, long)
540	AC_TYPE_SIZE_T
541	AC_CHECK_SIZEOF(char *, 4)
542	AC_CHECK_SIZEOF(size_t, 4)
543
544	AC_CHECK_SIZEOF(unsigned long, 4)
545	AC_CHECK_SIZEOF(unsigned int, 4)
546	AC_CHECK_SIZEOF(unsigned short, 2)
547
548
549	sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" \| sed 's%[^0-9]%%g'`
550	if test "$sh_sizeof_unsigned_long" = "4"; then
551	AC_DEFINE(HAVE_LONG_32)
552	fi
553	if test "$sh_sizeof_unsigned_long" = "8"; then
554	AC_DEFINE(HAVE_LONG_64)
555	fi
556	sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" \| sed 's%[^0-9]%%g'`
557	if test "$sh_sizeof_unsigned_int" = "4"; then
558	AC_DEFINE(HAVE_INT_32)
559	fi
560	sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" \| sed 's%[^0-9]%%g'`
561	if test "$sh_sizeof_unsigned_short" = "4"; then
562	AC_DEFINE(HAVE_SHORT_32)
563	fi
564
565	dnl
566	dnl check for 64 bit programming environment
567	dnl
568	SAMHAIN_64
569
570
571	dnl *****************************************
572	dnl checks for structures
573	dnl *****************************************
574
575	AC_STRUCT_TM
576
577	dnl
578	dnl from e2fsprogs
579	dnl
580	AC_MSG_CHECKING(whether struct stat has a st_flags field)
581	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
582	AC_TRY_COMPILE([#include <sys/stat.h>],
583	[struct stat stat; stat.st_flags = 0;],
584	[e2fsprogs_cv_struct_st_flags=yes],
585	[e2fsprogs_cv_struct_st_flags=no]))
586	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
587	if test "$e2fsprogs_cv_struct_st_flags" = yes; then
588	AC_MSG_CHECKING(whether st_flags field is useful)
589	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
590	AC_TRY_COMPILE([#include <sys/stat.h>],
591	[struct stat stat; stat.st_flags \|= UF_IMMUTABLE;],
592	[e2fsprogs_cv_struct_st_flags_immut=yes],
593	[e2fsprogs_cv_struct_st_flags_immut=no]))
594	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
595	if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
596	AC_DEFINE(HAVE_STAT_FLAGS)
597	fi
598	fi
599
600	dnl
601	dnl from dbus
602	dnl
603	AC_MSG_CHECKING(for struct cmsgcred)
604	AC_TRY_COMPILE([
605	#include <sys/types.h>
606	#include <sys/socket.h>
607	],[
608	struct cmsgcred cred;
609
610	cred.cmcred_pid = 0;
611	],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
612	AC_MSG_RESULT($sh_have_struct_cmsgcred)
613
614	if test x$sh_have_struct_cmsgcred = xyes; then
615	AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
616	fi
617
618	AC_MSG_CHECKING(for struct fcred)
619	AC_TRY_COMPILE([
620	#include <sys/param.h>
621	#include <sys/socket.h>
622	#include <sys/ucred.h>
623	],[
624	struct fcred sockcred;
625	],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
626	AC_MSG_RESULT($sh_have_struct_fcred)
627
628	if test x$sh_have_struct_fcred = xyes; then
629	AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
630	fi
631
632	AC_MSG_CHECKING(for struct sockcred)
633	AC_TRY_COMPILE([
634	#include <sys/param.h>
635	#include <sys/socket.h>
636	#include <sys/ucred.h>
637	],[
638	struct sockcred sockcred;
639	],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
640	AC_MSG_RESULT($sh_have_struct_sockcred)
641
642	if test x$sh_have_struct_sockcred = xyes; then
643	AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
644	fi
645
646	AC_MSG_CHECKING(for SO_PEERCRED)
647	AC_TRY_COMPILE([
648	#include <sys/types.h>
649	#include <sys/socket.h>
650	],[
651	int test = SO_PEERCRED;
652	],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
653	AC_MSG_RESULT($sh_have_SO_PEERCRED)
654
655	if test x$sh_have_SO_PEERCRED = xyes; then
656	AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
657	fi
658
659
660	dnl *****************************************
661	dnl checks for compiler characteristics
662	dnl *****************************************
663	AC_C_INLINE
664	AC_C_CONST
665	AC_C_BIGENDIAN
666	AC_C_RESTRICT
667
668	AM_SA_SIGACTION_WORKS
669
670	AC_ARG_ENABLE(ssp,
671	[ --disable-ssp disable the GCC stack protector],
672	[],
673	[enable_ssp=yes;]
674	)
675
676	if test "x$GCC" = "xyes"; then
677
678	if test x"${enable_ssp}" = xno; then
679	:
680	else
681	GCC_STACK_PROTECT_LIB
682	GCC_STACK_PROTECT_CC
683	dnl GCC_STACK_CHECK_CC
684	GCC_PIE_CC
685	fi
686
687	fi
688
689	dnl *****************************************
690	dnl
691	dnl checks for system services
692	dnl
693	dnl *****************************************
694
695	dnl
696	dnl check for /proc filesystem
697	dnl
698	if test -d "/proc/$$"
699	then
700	AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
701	fi
702
703	dnl
704	dnl check for GNU gmp
705	dnl
706	AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
707	if test "x${sh_have_gmp}" = xno
708	then
709	AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
710	fi
711	if test "x${sh_have_gmp}" = xyes
712	then
713	# LIBS="-lgmp $LIBS"
714	AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
715	fi
716	AC_CHECK_HEADERS(gmp.h)
717
718	AC_MSG_CHECKING([for ps])
719	PS=
720	for ff in /usr/ucb /bin /usr/bin; do
721	if test -x "$ff/ps"; then
722	PS="$ff/ps"
723	AC_MSG_RESULT([$PS])
724	break
725	fi
726	done
727	if test x$PS = x
728	then
729	AC_MSG_RESULT([no])
730	AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
731	fi
732	AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
733
734	AC_MSG_CHECKING([how to use ps])
735	$PS ax >/dev/null 2>&1
736	if test $? -eq 0; then
737	case "$host_os" in
738	openbsd)
739	one=`$PS akx \| wc -l`
740	;;
741	*)
742	one=`$PS ax \| wc -l`
743	;;
744	esac
745	else
746	one=0
747	fi
748	$PS -e >/dev/null 2>&1
749	if test $? -eq 0; then
750	two=`$PS -e \| wc -l`
751	else
752	two=0
753	fi
754	if test $one -ge $two
755	then
756	case "$host_os" in
757	openbsd)
758	PSARG="akx"
759	;;
760	*)
761	PSARG="ax"
762	;;
763	esac
764	else
765	PSARG="-e"
766	fi
767	AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
768	AC_MSG_RESULT([$PS $PSARG])
769
770	dnl *****************************************
771	dnl
772	dnl enable features
773	dnl
774	dnl *****************************************
775
776	AC_ARG_ENABLE(db-reload,
777	[ --enable-db-reload enable database reload on SIGHUP [[no]]],
778	[
779	if test "x${enable_db_reload}" = xyes; then
780	AC_DEFINE(RELOAD_DATABASE)
781	fi
782	]
783	)
784
785	AC_ARG_ENABLE(xml-log,
786	[ --enable-xml-log enable XML logfile format [[no]]],
787	[
788	if test "x${enable_xml_log}" = xyes; then
789	AC_DEFINE(SH_USE_XML)
790	fi
791	]
792	)
793
794
795	AC_ARG_ENABLE(mail,
796	[ --disable-mail disable the internal SMTP mailer],
797	[
798	if test "x${enable_mail}" = xno; then
799	:
800	else
801	AC_DEFINE(SH_WITH_MAIL)
802	fi
803	],
804	[AC_DEFINE(SH_WITH_MAIL)]
805	)
806
807	AC_ARG_ENABLE(suid,
808	[ --enable-suid allow suid],
809	[
810	if test "x${enable_suid}" = xyes; then
811	AC_DEFINE(SH_ALLOW_SUID, [1], [Define if you want to allow suid execution for samhain])
812	fi
813	]
814	)
815
816	AC_ARG_ENABLE(shellexpand,
817	[ --disable-shellexpand disable shell expansion in config file],
818	[
819	if test "x${enable_shellexpand}" = xno; then
820	:
821	else
822	AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])
823	fi
824	],
825	[AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])]
826	)
827
828	AC_ARG_ENABLE(external-scripts,
829	[ --disable-external-scripts disable interface to external scripts],
830	[
831	if test "x${enableval}" = xno; then
832	:
833	else
834	AC_DEFINE(WITH_EXTERNAL)
835	fi
836	],
837	[AC_DEFINE(WITH_EXTERNAL)]
838	)
839
840	AC_ARG_ENABLE(message-queue,
841	[ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
842	[
843	if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
844	if test "x${enable_message_queue}" = xyes; then
845	AC_DEFINE(WITH_MESSAGE_QUEUE)
846	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
847	elif test "x${enable_message_queue}" != xno; then
848	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
849	AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
850	echo "${enableval}" \| \
851	grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 \|\|
852	AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
853	AC_DEFINE(WITH_MESSAGE_QUEUE)
854	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
855	fi
856	else
857	echo
858	echo "**********************************************"
859	echo
860	AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
861	echo
862	echo "**********************************************"
863	echo
864	fi
865	]
866	)
867
868	AC_ARG_WITH(cflags,
869	[ --with-cflags additional flags to pass to compiler],
870	[
871	if test "x$withval" != "xno" ; then
872	CFLAGS="$CFLAGS $withval"
873	fi
874	]
875	)
876	AC_ARG_WITH(libs,
877	[ --with-libs additional libraries to link with],
878	[
879	if test "x$withval" != "xno" ; then
880	LIBS="$LIBS $withval"
881	fi
882	]
883	)
884
885
886	#
887	# this is from ssh
888	#
889	AC_MSG_CHECKING(whether to use libwrap)
890	LIBWRAP_LIB=""
891	LIBWRAP_INC=""
892	AC_ARG_WITH(libwrap,
893	[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
894	[ AC_MSG_RESULT($withval)
895	case "$withval" in
896	no)
897	;;
898	""\|yes)
899	LIBWRAP_LIB="-lwrap"
900	;;
901	*)
902	if test -d "$withval"; then
903	LIBWRAP_LIB="-L$withval -lwrap"
904	changequote(<<, >>)dnl
905	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
906	LIBWRAP_INC="-I${sh_libwrap_inc}/include"
907	changequote([, ])dnl
908	else
909	LIBWRAP_LIB="-lwrap"
910	changequote(<<, >>)dnl
911	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
912	LIBWRAP_INC="-I${sh_libwrap_inc}"
913	changequote([, ])dnl
914	fi
915	;;
916	esac
917	if test -n "$LIBWRAP_LIB"; then
918	# OLDLIBS="$LIBS"
919	LIBS="$LIBWRAP_LIB $LIBS"
920	# OLDCFLAGS="$CFLAGS"
921	CFLAGS="$CFLAGS $LIBWRAP_INC"
922	AC_CHECK_HEADER(tcpd.h,
923	[],
924	[ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
925	AC_TRY_LINK([ #include <tcpd.h>
926	int allow_severity; int deny_severity; ],
927	[ hosts_access((struct request_info *) 0); ],
928	[ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
929	[ AC_MSG_ERROR([Could not find the libwrap library.]) ])
930	fi ],
931	AC_MSG_RESULT(no)
932	)
933
934
935	dnl
936	dnl NETWORK OPTIONS
937	dnl
938	AC_ARG_ENABLE(network,
939	[ --enable-network=[[client\|server]] compile client or server [[no]]],
940	[
941	if test "x$enable_network" = xclient; then
942	mytclient="-DSH_WITH_CLIENT"
943	yulectl_prg=
944	setpwd_prg="samhain_setpwd"
945	sh_main_prg="samhain"
946	if test "x${sh_have_gmp}" = xyes
947	then
948	LIBS="-lgmp $LIBS"
949	fi
950	dnl AC_CHECK_HEADER(sys/capability.h,
951	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
952	dnl [sh_use_lcaps="no"])
953	elif test "x$enable_network" = xserver; then
954	mytclient="-DSH_WITH_SERVER"
955	yulectl_prg="yulectl"
956	setpwd_prg="samhain_setpwd"
957	sh_main_prg="yule"
958	if test "x${sh_have_gmp}" = xyes
959	then
960	LIBS="-lgmp $LIBS"
961	fi
962	sh_use_lcaps="undef"
963	elif test "x$enable_network" = xno; then
964	mytclient="-DSH_STANDALONE"
965	yulectl_prg=
966	setpwd_prg=
967	sh_main_prg="samhain"
968	dnl AC_CHECK_HEADER(sys/capability.h,
969	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
970	dnl [sh_use_lcaps="no"])
971	else
972	AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
973	fi
974	],
975	[
976	mytclient="-DSH_STANDALONE"
977	setpwd_prg=
978	yulectl_prg=
979	sh_main_prg="samhain"
980	dnl AC_CHECK_HEADER(sys/capability.h,
981	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
982	dnl [sh_use_lcaps="no"])
983	],
984	)
985
986	AC_SUBST(setpwd_prg)
987	AC_SUBST(yulectl_prg)
988	AC_SUBST(sh_main_prg)
989	AC_SUBST(mytclient)
990
991	# needed for the rpm spec
992	clmytclient=`echo ${mytclient} \| sed s%\-%%`
993	AC_SUBST(clmytclient)
994
995	sh_no_gcc_static=no
996
997	AC_ARG_ENABLE(static,
998	[ --enable-static enable static linking [[no]]],
999	[
1000	if test x$enable_static = xyes; then
1001	if test x"$mynetbsd" = xyes
1002	then
1003	tmp_LIBS=`echo $LIBS \| sed 's%\-lresolv%%' `
1004	LIBS="${tmp_LIBS}"
1005	fi
1006	if test x"${sh_auparse}" = xyes
1007	then
1008	tmp_LIBS=`echo $LIBS \| sed 's%\-lauparse%%' `
1009	LIBS="${tmp_LIBS}"
1010	fi
1011	AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
1012	if test "x$GCC" = "xyes"; then
1013	sh_no_gcc_static=no
1014	LDFLAGS="$LDFLAGS -static"
1015	else
1016	sh_no_gcc_static=yes
1017	case "$host_os" in
1018
1019	aix)
1020	LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
1021	;;
1022
1023	hpux)
1024	LDFLAGS="$LDFLAGS -Wl,-a,archive"
1025	;;
1026
1027	osf)
1028	LDFLAGS="$LDFLAGS -non_shared"
1029	;;
1030
1031	irix)
1032	LDFLAGS="$LDFLAGS -non_shared"
1033	;;
1034
1035	sco)
1036	LDFLAGS="$LDFLAGS -dn"
1037	;;
1038
1039	sun)
1040	LDFLAGS="$LDFLAGS -Bstatic"
1041	;;
1042
1043	solaris)
1044	LDFLAGS="$LDFLAGS -Bstatic"
1045	;;
1046
1047	*)
1048	echo "***********************************************"
1049	echo "*"
1050	echo "* Don't know how to enable static linking"
1051	echo "* with your compiler. Please set the environment"
1052	echo "* variable LDFLAGS to:"
1053	echo "* ${LDFLAGS} + the static linking flag"
1054	echo "* and run configure again"
1055	echo "*"
1056	echo "***********************************************"
1057	;;
1058
1059	esac
1060	fi
1061	fi
1062	]
1063	)
1064
1065	if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1066	then
1067	dnl For threaded modules
1068	ACX_PTHREAD
1069	CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1070	LIBS="$PTHREAD_LIBS $LIBS"
1071	LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
1072	CC="$PTHREAD_CC"
1073	dnl For MODI_TXT
1074	CHECK_ZLIB()
1075	fi
1076
1077	if test x$enable_static = xyes; then
1078	:
1079	else
1080	if test x$sh_use_pie = xyes; then
1081	LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1082	CFLAGS="$CFLAGS $PIE_CFLAGS"
1083	fi
1084	fi
1085	AC_CHECK_FUNC(pmap_getmaps,
1086	AC_DEFINE([HAVE_PMAP_GETMAPS], [], [Define if pmap_getmaps available]), [],[])
1087
1088
1089	#
1090	# this is from the snort configure.in
1091	#
1092	AC_DEFUN(FAIL_MESSAGE,[
1093	echo
1094	echo
1095	echo "**********************************************"
1096	echo " ERROR: unable to find" $1
1097	echo " checked in the following places"
1098	for i in `echo $2`; do
1099	echo " $i"
1100	done
1101	echo "**********************************************"
1102	echo
1103	exit
1104	])
1105
1106	AC_ARG_WITH(libprelude-prefix,
1107	[ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
1108	libprelude_config_prefix="$withval", libprelude_config_prefix="")
1109
1110	AC_MSG_CHECKING(whether to use prelude)
1111	AC_ARG_WITH(prelude,
1112	[ --with-prelude Prelude IDS support [[no]]],
1113	[
1114	if test "x${withval}" = "xno"; then
1115	AC_MSG_RESULT(no)
1116	else
1117	AC_MSG_RESULT(yes)
1118	if test x$libprelude_config_prefix != x ; then
1119	if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1120	LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1121	fi
1122	fi
1123
1124	AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1125	if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1126	HAVE_PRELUDE_CONFIG=no
1127	else
1128	HAVE_PRELUDE_CONFIG=yes
1129	fi
1130	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1131	if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1132	sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1133	case "$sh_libprelude_version" in
1134	0.8*)
1135	AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
1136	;;
1137	*)
1138	AM_PATH_LIBPRELUDE([0.9.6],
1139	[
1140	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1141	CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1142	LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1143	LIBS="$LIBS $LIBPRELUDE_LIBS"
1144	],
1145	[
1146	AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
1147	])
1148	;;
1149	esac
1150	else
1151	AC_MSG_ERROR([Could not find libprelude-config.])
1152	fi
1153	fi
1154	],
1155	[
1156	AC_MSG_RESULT(no)
1157	]
1158	)
1159
1160	#
1161	# partly based on the snort configure.in
1162	#
1163	AC_ARG_WITH(database,
1164	[ --with-database=[[mysql\|postgresql\|oracle\|odbc]] database support [[no]]],
1165	[
1166	if test x"$enable_xml_log" != xyes; then
1167	AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
1168	fi
1169	if test "x${withval}" = "xmysql"; then
1170	if test "x$zlib_found" = "x"
1171	then
1172	CHECK_ZLIB()
1173	fi
1174	AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1175	if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1176	sh_mysql_libs="`mysql_config --libs`"
1177	sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1178	LIBS="$LIBS ${sh_mysql_libs}"
1179	sh_mysql_cflags="`mysql_config --cflags`"
1180	sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1181	CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1182	else
1183	AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
1184	mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1185
1186	for i in $mysql_directory; do
1187	if test -r $i/include/mysql/mysql.h; then
1188	MYSQL_DIR=$i
1189	MYSQL_INC_DIR=$i/include
1190	# we use AC_CHECK_HEADERS to check for mysql/mysql.h
1191	fi
1192	done
1193	if test -z "$MYSQL_DIR"; then
1194	for i in $mysql_directory; do
1195	if test -r $i/include/mysql.h; then
1196	MYSQL_DIR=$i
1197	MYSQL_INC_DIR=$i/include
1198	fi
1199	done
1200	fi
1201
1202	if test -z "$MYSQL_DIR"; then
1203	tmp=""
1204	for i in $mysql_directory; do
1205	tmp="$tmp $i/include $i/include/mysql"
1206	done
1207	FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1208	fi
1209
1210	for i in lib lib/mysql; do
1211	str="$MYSQL_DIR/$i/libmysqlclient.*"
1212	for j in `echo $str`; do
1213	if test -r $j; then
1214	MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1215	break 2
1216	fi
1217	done
1218	done
1219
1220	if test -z "$MYSQL_LIB_DIR"; then
1221	for ff in $mysql_directory; do
1222	for i in lib lib/mysql; do
1223	str="$ff/$i/libmysqlclient.*"
1224	for j in `echo $str`; do
1225	if test -r $j; then
1226	MYSQL_LIB_DIR="$ff/$i"
1227	break 3
1228	fi
1229	done
1230	done
1231	done
1232	fi
1233
1234	if test -z "$MYSQL_LIB_DIR"; then
1235	tmp=""
1236	for i in $mysql_directory; do
1237	tmp="$i/lib $i/lib/mysql"
1238	done
1239	FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1240	fi
1241
1242	AC_MSG_RESULT(yes)
1243	LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1244	# CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1245	CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1246	fi
1247	AC_DEFINE(WITH_MYSQL)
1248	AC_DEFINE(WITH_DATABASE)
1249	if test "x$zlib_found" = "xyes"
1250	then
1251	LIBS="$LIBS -lz -lm"
1252	else
1253	echo
1254
1255	echo " Mysql library was not found or not useable."
1256	echo " Possible reasons include:"
1257	echo " - an old, incompatible version compiled from source"
1258	echo " - on Solaris, libmysql is compiled with the Solaris"
1259	echo " compiler, thus the mysql_config script provides"
1260	echo " compiler options unsuitable for gcc (move"
1261	echo " mysql_config out of your PATH)"
1262	echo " For other problems, check config.log for the error"
1263	echo " message from the compiler."
1264	echo
1265	echo " If your mysql libraries are installed in an"
1266	echo " unusual place, use --with-libs=-L/path/to/libdirectory"
1267	echo " where libdirectory is the directory holding libmysql."
1268	if test x"$enable_static" = xyes; then
1269	echo " Note that for compiling a static binary, you need"
1270	echo " the static libraries, rather than the shared ones."
1271	fi
1272	echo
1273	AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
1274	fi
1275	AC_CHECK_HEADERS(mysql/mysql.h)
1276	elif test "x${withval}" = "xpostgresql"; then
1277	AC_DEFINE(WITH_POSTGRES)
1278	AC_DEFINE(WITH_DATABASE)
1279	#
1280	PGCONF="no"
1281	MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1282	OLD_IFS="$IFS"
1283	IFS=":"
1284	for ff in ${MY_PATH}
1285	do
1286	if test -f "$ff/pg_config"
1287	then
1288	PGCONF="$ff/pg_config"
1289	fi
1290	done
1291	IFS="${OLD_IFS}"
1292	#
1293	#
1294	if test "x${PGCONF}" = "xno"
1295	then
1296	AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1297	pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1298	for i in $pgsql_directory; do
1299	if test -r $i/include/pgsql/libpq-fe.h; then
1300	PGSQL_INC_DIR=$i/include
1301	PGSQL_DIR=$i
1302	# use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1303	fi
1304	done
1305	if test -z "$PGSQL_DIR"; then
1306	for i in $pgsql_directory; do
1307	if test -r $i/include/postgresql/libpq-fe.h; then
1308	PGSQL_INC_DIR=$i/include
1309	PGSQL_DIR=$i
1310	fi
1311	done
1312	fi
1313	if test -z "$PGSQL_DIR"; then
1314	for i in $pgsql_directory; do
1315	if test -r $i/include/libpq-fe.h; then
1316	PGSQL_INC_DIR=$i/include
1317	PGSQL_DIR=$i
1318	fi
1319	done
1320	fi
1321
1322	if test -z "$PGSQL_DIR"; then
1323	tmp=""
1324	for i in $pgsql_directory; do
1325	tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
1326	done
1327	FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1328	fi
1329
1330	for i in lib lib/pgsql lib/postgresql; do
1331	str="$PGSQL_DIR/$i/libpq.*"
1332	for j in `echo $str`; do
1333	if test -r $j; then
1334	PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1335	break 2
1336	fi
1337	done
1338	done
1339
1340	if test -z "$PGSQL_LIB_DIR"; then
1341	for ff in $pgsql_directory; do
1342	for i in lib lib/pgsql lib/postgresql; do
1343	str="$ff/$i/libpq.*"
1344	for j in `echo $str`; do
1345	if test -r $j; then
1346	PGSQL_LIB_DIR="$ff/$i"
1347	break 3
1348	fi
1349	done
1350	done
1351	done
1352	fi
1353
1354	if test -z "$PGSQL_LIB_DIR"; then
1355	tmp=""
1356	for i in $pgsql_directory; do
1357	tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
1358	done
1359	FAIL_MESSAGE("postgresql library libpq", $tmp)
1360	fi
1361
1362	AC_MSG_RESULT(yes)
1363
1364	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1365	if test x"$enable_static" = xyes; then
1366	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1367	else
1368	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1369	fi
1370	# CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1371	CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1372	AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1373	AC_CHECK_HEADERS(postgresql/libpq-fe.h)
1374	else
1375	pg_lib_dir=`${PGCONF} --libdir`
1376	if test x"$enable_static" = xyes; then
1377	LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1378	else
1379	LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1380	fi
1381	pg_inc_dir=`${PGCONF} --includedir`
1382	# CFLAGS="$CFLAGS -I${pg_inc_dir}"
1383	CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1384	fi
1385	elif test "x${withval}" = "xodbc"; then
1386	AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1387	odbc_directory="/usr /usr/local"
1388
1389	for i in $odbc_directory; do
1390	if test -r $i/include/sql.h; then
1391	if test -r $i/include/sqlext.h; then
1392	if test -r $i/include/sqltypes.h; then
1393	ODBC_DIR=$i
1394	ODBC_INC_DIR=$i/include
1395	fi
1396	fi
1397	fi
1398	done
1399
1400	if test -z "$ODBC_DIR"; then
1401	tmp=""
1402	for i in $odbc_directory; do
1403	tmp="$tmp $i/include"
1404	done
1405	FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1406	fi
1407
1408	str="$ODBC_DIR/lib/libodbc.*"
1409	for j in `echo $str`; do
1410	if test -r $j; then
1411	ODBC_LIB_DIR="$ODBC_DIR/lib"
1412	ODBC_LIB="odbc"
1413	fi
1414	done
1415
1416	if test -z "$ODBC_LIB_DIR"; then
1417	FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1418	fi
1419
1420	AC_MSG_RESULT(yes)
1421	CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1422	LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1423	AC_DEFINE(WITH_ODBC)
1424	AC_DEFINE(WITH_DATABASE)
1425
1426	elif test "x${withval}" = "xoracle"; then
1427
1428	AC_MSG_CHECKING(for oracle in ORACLE_HOME /usr/local /usr)
1429
1430	oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1431	for i in $oracle_directory; do
1432
1433	ff=`find $i -name oci.h 2>/dev/null \| tail -1`
1434	if test "x$ff" = "x"; then
1435	:
1436	else
1437	ORACLE_INC=`dirname $ff`
1438	fi
1439
1440	fg=`find $i -name libclntsh.so 2>/dev/null \| tail -1`
1441	if test "x$fg" = "x"; then
1442	:
1443	else
1444	ORACLE_LIB=`dirname $fg`
1445	fi
1446
1447	done
1448
1449	if test -z "$ORACLE_INC"; then
1450
1451	tmp=""
1452	for i in $oracle_directory; do
1453	tmp="$tmp $i"
1454	done
1455	FAIL_MESSAGE("OCI header file (oci.h) please define ORACLE_INC directory where oci.h resides", $tmp)
1456
1457	elif test -z "$ORACLE_LIB"; then
1458
1459	tmp=""
1460	for i in $oracle_directory; do
1461	tmp="$tmp $i"
1462	done
1463	FAIL_MESSAGE("OCI library file (libclntsh.so) please define ORACLE_LIB directory where libclntsh.so resides", $tmp)
1464
1465	else
1466
1467	ORACLE_CPP_FLAGS="-I$ORACLE_INC"
1468	ORACLE_LIB_DIR="$ORACLE_LIB"
1469
1470	AC_MSG_RESULT([$ORACLE_INC $ORACLE_LIB])
1471
1472	CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1473
1474	ORACLE_LIBS="-lclntsh"
1475
1476	if test -r $ORACLE_LIB_DIR/libnnz11.so; then
1477	ORACLE_LIBS="${ORACLE_LIBS} -lnnz11"
1478	fi
1479	if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1480	ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1481	elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1482	ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1483	fi
1484	LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1485	if test "x$GCC" != "xyes"; then
1486	CFLAGS="${CFLAGS} -fno-strict-aliasing"
1487	fi
1488	fi
1489	AC_DEFINE(WITH_ORACLE)
1490	AC_DEFINE(WITH_DATABASE)
1491
1492	else
1493	AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
1494	fi
1495	]
1496	)
1497
1498	AC_ARG_WITH(console,
1499	[ --with-console=PATH set path to console device [[/dev/console]]],
1500	[
1501	if test "x${withval}" != xno; then
1502	mycons="$withval"
1503	AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1504	fi
1505	])
1506
1507	AC_ARG_WITH(altconsole,
1508	[ --with-altconsole=PATH set path to second console device [[none]]],
1509	[
1510	if test "x${withval}" != xno; then
1511	myaltcons="$withval"
1512	else
1513	myaltcons="NULL"
1514	fi
1515	],
1516	[myaltcons="NULL"])
1517	AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1518
1519	AC_ARG_WITH(timeserver,
1520	[ --with-timeserver=HOST set host address for time server [[none]]],
1521	[
1522	if test "x${withval}" != xno; then
1523	mytimeserv="$withval"
1524	AC_DEFINE(HAVE_NTIME)
1525	else
1526	mytimeserv="NULL"
1527	fi
1528	],
1529	mytimeserv="NULL")
1530	AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1531
1532	AC_ARG_WITH(alttimeserver,
1533	[ --with-alttimeserver=HOST set address for backup time server [[none]]],
1534	[
1535	if test "x${withval}" != xno; then
1536	myalttimeserv="$withval"
1537	AC_DEFINE(HAVE_NTIME)
1538	else
1539	myalttimeserv="NULL"
1540	fi
1541	],
1542	myalttimeserv="NULL")
1543	AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1544
1545	AC_ARG_ENABLE(login-watch,
1546	[ --enable-login-watch watch for login/logout [[no]]],
1547	[
1548	if test "x${enable_login_watch}" = xyes; then
1549	AC_DEFINE(SH_USE_UTMP)
1550	fi
1551	]
1552	)
1553
1554	AC_ARG_ENABLE(mounts-check,
1555	[ --enable-mounts-check check mount options on filesystems [[no]]],
1556	[
1557	if test "x${enable_mounts_check}" = xyes; then
1558	AC_DEFINE(SH_USE_MOUNTS)
1559	fi
1560	]
1561	)
1562
1563	AC_ARG_ENABLE(logfile-monitor,
1564	[ --enable-logfile-monitor monitor logfiles [[no]]],
1565	[
1566	if test "x${enable_logfile_monitor}" = xyes; then
1567	AC_CHECK_HEADER(pcre.h,
1568	[
1569	AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1570	LIBS="-lpcre $LIBS"
1571	],
1572	[
1573	AC_CHECK_HEADER(pcre/pcre.h,
1574	[
1575	AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1576	AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1577	LIBS="-lpcre $LIBS"
1578	],
1579	AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1580	)
1581	]
1582	)
1583	AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1584	AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1585	], [
1586	AC_MSG_WARN([pcre_dfa_exec not available])
1587	])
1588	fi
1589	]
1590	)
1591
1592
1593	AC_ARG_ENABLE(process-check,
1594	[ --enable-process-check check processes [[no]]],
1595	[
1596	if test "x${enable_process_check}" = xyes; then
1597	AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1598	if test x"$sh_lrt" = xyes; then
1599	LIBRT=-lrt
1600	else
1601	LIBRT=
1602	fi
1603	LIBS="$LIBS $LIBRT"
1604	AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1605	fi
1606	]
1607	)
1608
1609	AC_ARG_ENABLE(port-check,
1610	[ --enable-port-check check ports [[no]]],
1611	[
1612	if test "x${enable_port_check}" = xyes; then
1613	AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1614	fi
1615	]
1616	)
1617
1618	AC_ARG_ENABLE(userfiles,
1619	[ --enable-userfiles check for users' config files [[no]]],
1620	[
1621	if test "x${enableval}" = "xyes"; then
1622	AC_DEFINE(SH_USE_USERFILES)
1623	fi
1624	]
1625	)
1626
1627	AC_ARG_ENABLE(debug,
1628	[ --enable-debug enable debug options [[no]]],
1629	[
1630	if test "x${enable_debug}" = "xyes"; then
1631	if test "x${mydebugflag}" != "xyes"; then
1632	AC_DEFINE(MEM_DEBUG)
1633	fi
1634	AC_DEFINE(WITH_TPT)
1635	AC_DEFINE(SL_DEBUG)
1636	AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1637	AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
1638	AC_DEFINE(SL_FAIL_ON_ERROR)
1639	if test "x${myneedg3}" = "xyes"; then
1640	mydebugdef="-g3"
1641	else
1642	mydebugdef="-g"
1643	fi
1644	mydebugit="yes"
1645	elif test "x${enable_debug}" = "xgdb"; then
1646	if test "x${myneedg3}" = "xyes"; then
1647	mydebugdef="-g3"
1648	else
1649	mydebugdef="-g"
1650	fi
1651	mydebugit="yes"
1652	fi
1653	]
1654	)
1655	AC_SUBST(mydebugdef)
1656
1657	sh_enable_asm=yes
1658	AC_ARG_ENABLE(asm,
1659	[ --disable-asm disable asm inline code],
1660	[
1661	if test "x${enable_asm}" = xno; then
1662	sh_enable_asm=no
1663	fi
1664	]
1665	)
1666
1667	if test "x${samhain_64_asm}" = xyes; then
1668	if test "x${sh_enable_asm}" = xyes; then
1669	AC_DEFINE([TIGER_OPT_ASM],1,[Define to use tiger x86_64 optimized assembly])
1670	fi
1671	fi
1672
1673	AC_ARG_ENABLE(ipv6,
1674	[ --disable-ipv6 disable ipv6 support],
1675	[
1676	if test "x${enable_ipv6}" = xno; then
1677	AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6])
1678	fi
1679	]
1680	)
1681
1682	if test "x${dnmalloc_ok}" = "xyes"; then
1683	sh_dnmalloc_enabled=yes
1684	else
1685	sh_dnmalloc_enabled=no
1686	fi
1687
1688	AC_ARG_ENABLE(dnmalloc,
1689	[ --disable-dnmalloc disable dnmalloc],
1690	[
1691	if test "x${enable_dnmalloc}" = xno; then
1692	sh_dnmalloc_enabled=no
1693	else
1694	sh_dnmalloc_enabled=yes
1695	fi
1696	]
1697	)
1698
1699	dnl Handle the problem that static linking against libc.a on Linux
1700	dnl produces the error "multiple definitions of malloc"
1701	dnl
1702	if test "x$sh_dnmalloc_enabled" = "xyes"; then
1703	if test x$enable_static = xyes; then
1704	if test "x$sh_no_gcc_static" = "xyes"; then
1705	sh_dnmalloc_enabled=no
1706	else
1707	if test "x$with_gnu_ld" = "xyes"; then
1708	LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1709	else
1710	sh_dnmalloc_enabled=no
1711	fi
1712	fi
1713	fi
1714	fi
1715
1716	if test "x${sh_dnmalloc_enabled}" = xno; then
1717	AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1718	fi
1719
1720	AC_ARG_ENABLE(ptrace,
1721	[ --enable-ptrace use anti-debugger options [[no]]],
1722	[
1723	if test "x${enable_ptrace}" = xyes; then
1724	if test "x$mydebugit" != "xyes"; then
1725	AC_DEFINE(SCREW_IT_UP)
1726	fi
1727	fi
1728	]
1729	)
1730
1731	dnl
1732	if test "x$GCC" = "xyes"; then
1733	if test ! -z "`echo "$CFLAGS" \| grep "\-g\ " 2> /dev/null`" ; then
1734	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
1735	fi
1736
1737	dnl if test ! -z "`echo "$CFLAGS" \| grep "\-O2" 2> /dev/null`" ; then
1738	dnl CFLAGS=`echo $CFLAGS \| sed 's%\-O2%\-O3%' `
1739	dnl fi
1740
1741	if test -z "`echo "$CFLAGS" \| grep "\-Wall" 2> /dev/null`" ; then
1742	CFLAGS="$CFLAGS -Wall -W "
1743	fi
1744
1745	if test -z "`echo "$CFLAGS" \| grep "\-fstrength\-reduce" 2> /dev/null`"
1746	then
1747	if test -z "`echo "$CFLAGS" \| grep "\-fno\-strength\-reduce" 2> /dev/null`"
1748	then
1749	CFLAGS="$CFLAGS -fno-strength-reduce"
1750	fi
1751	fi
1752
1753	if test -z "`echo "$CFLAGS" \| grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1754	then
1755	if test -z "`echo "$CFLAGS" \| grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1756	then
1757	CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1758	fi
1759	fi
1760
1761	fi
1762
1763	dnl Test whether gcc supports -Wno-empty-body
1764	dnl Suppresses warnings from glibc pthread_cleanup_pop
1765	dnl
1766	GCC_WEMPTY_BODY
1767
1768	AC_MSG_CHECKING([which random module to use])
1769	AC_ARG_WITH(rnd,
1770	[ --with-rnd=[[egd\|unix\|dev\|default]] random number generator [[default]]],
1771	[use_static_rnd=$withval], [use_static_rnd=default] )
1772
1773	if test "$use_static_rnd" = no; then
1774	use_static_rnd=default
1775	fi
1776
1777	case "$use_static_rnd" in
1778	egd \| dev \| unix \| default )
1779	AC_MSG_RESULT($use_static_rnd)
1780	;;
1781	* )
1782	AC_MSG_RESULT([invalid argument])
1783	AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
1784	;;
1785	esac
1786
1787	AC_ARG_WITH(egd-socket,
1788	[ --with-egd-socket=NAME EGD socket name],
1789	egd_socket_name="$withval", egd_socket_name="" )
1790	AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1791
1792	dnl
1793	dnl See whether the user wants to disable checking for /dev/random
1794
1795	try_dev_random=yes
1796
1797	case "$use_static_rnd" in
1798	dev \| default )
1799	try_dev_random=yes
1800	;;
1801	egd)
1802	AC_DEFINE(HAVE_EGD_RANDOM)
1803	try_dev_random=no
1804	;;
1805	unix)
1806	AC_DEFINE(HAVE_UNIX_RANDOM)
1807	try_dev_random=no
1808	;;
1809	esac
1810
1811
1812	if test "x$try_dev_random" = "xyes"; then
1813	AC_MSG_CHECKING(whether /dev/random exists)
1814	if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1815	AC_DEFINE(HAVE_URANDOM)
1816	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1817	AC_MSG_RESULT(yes)
1818	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1819	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1820	fi
1821	else
1822	if test -r "/dev/random" && test -c "/dev/random"; then
1823	AC_DEFINE(HAVE_URANDOM)
1824	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1825	AC_MSG_RESULT(yes)
1826	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1827	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1828	fi
1829	else
1830	AC_MSG_RESULT(no)
1831	AC_DEFINE(HAVE_UNIX_RANDOM)
1832	fi
1833	fi
1834	fi
1835
1836
1837	AC_ARG_ENABLE(udp,
1838	[ --enable-udp server can listen on port 514/udp [[no]]],
1839	[
1840	if test "x${enable_udp}" = xyes; then
1841	AC_DEFINE(INET_SYSLOG)
1842	fi
1843	]
1844	)
1845
1846	myencrypt=yes
1847	AC_ARG_ENABLE(encrypt,
1848	[ --disable-encrypt disable client/server encryption],
1849	[
1850	if test "x${enable_encrypt}" = xno; then
1851	myencrypt=no
1852	elif test "x${enable_encrypt}" = "x1"; then
1853	myencrypt=1
1854	fi
1855	]
1856	)
1857	if test "x${myencrypt}" = "xyes"; then
1858	AC_DEFINE(SH_ENCRYPT)
1859	AC_DEFINE(SH_ENCRYPT_2)
1860	elif test "x${myencrypt}" = "x1"; then
1861	AC_DEFINE(SH_ENCRYPT)
1862	fi
1863
1864	sh_use_srp_proto=yes
1865	AC_ARG_ENABLE(srp,
1866	[ --disable-srp disable SRP for authentication],
1867	[
1868	if test "x${enable_srp}" = xno; then
1869	sh_use_srp_proto=no
1870	fi
1871	]
1872	)
1873	if test "x${sh_use_srp_proto}" = xyes; then
1874	AC_DEFINE(USE_SRP_PROTOCOL)
1875	fi
1876
1877	AC_ARG_WITH(port,
1878	[ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1879	[
1880	echo "${withval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1881	AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
1882	myport=${withval}
1883	],
1884	[myport="49777"])
1885	AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1886	AC_SUBST(myport)
1887
1888	AC_ARG_WITH(logserver,
1889	[ --with-logserver=HOST set host address for log server [[none]]],
1890	[
1891	case "$withval" in
1892	. \| localhost)
1893	mylogsrv="$withval"
1894	;;
1895	*)
1896	mylogsrv="$withval"
1897	;;
1898	esac
1899	],
1900	[mylogsrv="NULL"])
1901	AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1902	AC_SUBST(mylogsrv)
1903
1904	AC_ARG_WITH(altlogserver,
1905	[ --with-altlogserver=HOST set address for backup log server [[none]]],
1906	[
1907	case "$withval" in
1908	. \| localhost)
1909	myaltlogsrv="$withval"
1910	;;
1911	*)
1912	myaltlogsrv="$withval"
1913	;;
1914	esac
1915	],
1916	[myaltlogsrv="NULL"])
1917	AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1918
1919
1920
1921	dnl
1922	dnl STEALTH OPTIONS
1923	dnl
1924	nocl_code=
1925	xor_code=0
1926	AC_ARG_ENABLE(nocl,
1927	[ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1928	[
1929	if test "x${enableval}" != "x"; then
1930	AC_DEFINE(SH_STEALTH_NOCL)
1931	fi
1932	if test "x${enableval}" = "xstop" \|\| test "x${enableval}" = "xstart"; then
1933	AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1934	fi
1935	if test "x${enableval}" = "xreload" \|\| test "x${enableval}" = "xrestart"; then
1936	AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1937	fi
1938	if test "x${enableval}" = "xstatus"; then
1939	AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1940	fi
1941	if test "x${enableval}" = "xno"; then
1942	AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
1943	fi
1944	nocl_code="${enable_nocl}"
1945	]
1946	)
1947	AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1948	AC_SUBST(nocl_code)
1949	AC_ARG_ENABLE(stealth,
1950	[ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1951	[AC_DEFINE(SH_STEALTH)
1952	if test "x${enableval}" != "xyes"; then
1953	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1954	AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
1955	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1956	if test x"${enableval}" = x0
1957	then
1958	:
1959	else
1960	AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1961	fi
1962	fi
1963	xor_code="${enable_stealth}"
1964	else
1965	xor_code=0
1966	fi
1967	stegin_prg="samhain_stealth"
1968	],
1969	[
1970	stegin_prg=
1971	]
1972	)
1973	AC_ARG_ENABLE(micro-stealth,
1974	[ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1975	[
1976	AC_DEFINE(SH_STEALTH)
1977	AC_DEFINE(SH_STEALTH_MICRO)
1978	if test "x${enableval}" != "xyes"; then
1979	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1980	AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
1981	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1982	if test x"${enableval}" = x0
1983	then
1984	:
1985	else
1986	AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1987	fi
1988	fi
1989	xor_code="${enable_micro_stealth}"
1990	else
1991	xor_code=0
1992	fi
1993	]
1994	)
1995	install_name="samhain"
1996	INSTALL_NAME="SAMHAIN"
1997	AC_ARG_ENABLE(install-name,
1998	[ --enable-install-name=NAME name under which to install [[samhain\|yule]]],
1999	[
2000	if test "x${enableval}" != "xyes"; then
2001	install_name="${enableval}"
2002	INSTALL_NAME=`echo "${enableval}" \| tr [a-z] [A-Z]`
2003	else
2004	install_name="${sh_main_prg}"
2005	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
2006	fi
2007	],
2008	[
2009	install_name="${sh_main_prg}"
2010	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
2011	]
2012	)
2013
2014
2015	need_user_install=0
2016
2017	AC_ARG_ENABLE(identity,
2018	[ --enable-identity=USER user if dropping root [[daemon]]],
2019	[
2020	if test x"$enableval" = xno; then
2021	myident="daemon"
2022	else
2023	myident="$enableval"
2024	fi
2025	echo "${myident}" \| grep ['[^0123456789]'] >/dev/null 2>&1 \|\| \
2026	AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
2027	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
2028	grep "^${myident}:" \| awk -F: '{ print $3; }'`
2029	if test x"${myident_uid}" = x; then
2030	AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
2031	need_user_install=1
2032	fi
2033	],
2034	[
2035	for myident in ${install_name} daemon nobody; do
2036	AC_MSG_CHECKING(for user ${myident})
2037	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
2038	grep "^${myident}:" \| awk -F: '{ print $3; }'`
2039	if test x"${myident_uid}" != x; then
2040	AC_MSG_RESULT(yes)
2041	break;
2042	else
2043	AC_MSG_RESULT(no)
2044	fi
2045	done
2046	if test x"${myident_uid}" = x; then
2047	myident=${install_name}
2048	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
2049	need_user_install=1
2050	fi
2051	])
2052	AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
2053	AC_SUBST(myident)
2054	AC_SUBST(need_user_install)
2055
2056	sh_insmod_cmd=": # no kernel module"
2057	sh_insmod_pre=": # no kernel module"
2058	sh_lkm=""
2059	lkm_inc=""
2060	khidemap="/boot/System.map"
2061	sh_syscalltable="0x0"
2062	AC_ARG_ENABLE(khide,
2063	[ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
2064	[
2065	if test "x${enable_khide}" != xno; then
2066
2067	kernel_testsupport=`uname -r \| sed s,^3.*,LINUX3,`
2068	if test "x${kernel_testsupport}" = "xLINUX3"; then
2069	AC_MSG_ERROR([The --enable-khide option is not supported on Linux kernel version 3.x or above.])
2070	fi
2071
2072	if test "x${enableval}" != "xyes"; then
2073	khidemap="${enableval}"
2074	fi
2075	sh_syscalltable=`egrep '(D\|d\|R\|r) sys_call_table' ${khidemap} \| awk '{print $1}'`
2076	if test x"$sh_syscalltable" = x; then
2077	AC_MSG_ERROR([Option --enable-khide cannot be used since the symbol sys_call_table was not found in ${khidemap}.])
2078	fi
2079	sh_syscalltable="0x${sh_syscalltable}"
2080	install_name_len=`echo ${install_name} \| awk '{ print(length()); }'`
2081	if test "${install_name_len}" -gt 15 ; then
2082	AC_MSG_ERROR([If --enable-khide is used, install_name must not exceed a length of 15 chars.])
2083	fi
2084	AC_DEFINE(SH_USE_LKM)
2085	AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
2086
2087	# -- NEW --
2088	kernel_version=`uname -r \| sed s,2.6.*,LINUX26,`
2089	kernel_numeric=`uname -r \| sed 's%-%.%g' \| sed 's%_%.%g' \| awk -F. '{ print $165536+$2256+$3 }'`
2090	AC_DEFINE_UNQUOTED(SH_KERNEL_NUMERIC, ${kernel_numeric}, [Kernel number])
2091
2092	if test x"$kernel_version" = xLINUX26
2093	then
2094	AC_MSG_CHECKING([for modlist_lock])
2095	sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} \| awk '{print $1}'`
2096	if test x"$sh_modlist_lock" = x; then
2097	AC_MSG_RESULT(no)
2098	else
2099	sh_modlist_lock="0x${sh_modlist_lock}"
2100	AC_MSG_RESULT([${sh_modlist_lock}])
2101	AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
2102	fi
2103
2104	AC_MSG_CHECKING([for module_mutex])
2105	sh_modlist_mutex=`egrep ['[bd] module_mutex$'] ${khidemap} \| awk '{print $1}'`
2106	if test x"$sh_modlist_mutex" = x; then
2107	AC_MSG_RESULT(no)
2108	else
2109	sh_modlist_mutex="0x${sh_modlist_mutex}"
2110	AC_MSG_RESULT([${sh_modlist_mutex}])
2111	AC_DEFINE_UNQUOTED(SH_MODLIST_MUTEX, ${sh_modlist_mutex}, [The address of the modules list mutex])
2112	fi
2113
2114	sh_list_modules=`egrep 'd modules$' ${khidemap} \| awk '{print $1}'`
2115	if test x"$sh_list_modules" = x; then
2116	AC_MSG_ERROR([Option --enable-khide cannot be used, since the symbol modules was not found in ${khidemap}.])
2117	fi
2118	sh_list_modules="0x${sh_list_modules}"
2119	AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
2120
2121	AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
2122	sh_insmod_cmd="modprobe ${install_name}_hide"
2123	sh_lkm="samhain_hide.ko"
2124	else
2125	sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
2126	sh_lkm="samhain_hide.o samhain_erase.o"
2127	fi
2128	# -- END NEW --
2129
2130	kvers=`uname -r`
2131	if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
2132	lkm_inc="-I/lib/modules/${kvers}/build/include"
2133	else
2134	AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
2135	AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2136	AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2137	fi
2138
2139	AC_MSG_CHECKING([for 2.4 vanilla kernel])
2140	sh_is_vanilla_kernel=yes
2141	if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
2142	grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 \|\| sh_is_vanilla_kernel=no
2143	fi
2144	if test x"${sh_is_vanilla_kernel}" = xno; then
2145	AC_MSG_RESULT(no)
2146	else
2147	AC_MSG_RESULT(yes)
2148	AC_DEFINE(SH_VANILLA_KERNEL)
2149	fi
2150
2151	fi
2152	]
2153	)
2154
2155	AC_SUBST(install_name)
2156	AC_SUBST(INSTALL_NAME)
2157	AC_SUBST(stegin_prg)
2158	AC_SUBST(xor_code)
2159
2160	AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2161	AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2162
2163
2164	exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2165	exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2166	exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2167
2168	AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2169	AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2170	AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2171
2172
2173	AC_ARG_ENABLE(suidcheck,
2174	[ --enable-suidcheck check for suid/sgid files [[no]]],
2175	[
2176	if test "x${enableval}" = "xyes"; then
2177	AC_DEFINE(SH_USE_SUIDCHK)
2178	fi
2179	]
2180	)
2181
2182
2183	systemmap="/boot/System.map"
2184	sh_libkvm=""
2185	AC_ARG_WITH(kcheck,
2186	[ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
2187	[
2188	if test "x${withval}" != "xno"; then
2189	AC_DEFINE(SH_USE_KERN)
2190
2191	kernel_numeric=`uname -r \| sed 's%-%.%g' \| sed 's%_%.%g' \| awk -F. '{ print $165536+$2256+$3 }'`
2192	AC_DEFINE_UNQUOTED(SH_KERNEL_NUMBER, ${kernel_numeric}, [Kernel number])
2193
2194	kernelversion=`uname -r`
2195	AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
2196
2197	if test "x${withval}" != "xyes"; then
2198	systemmap="${withval}"
2199	fi
2200
2201	if test "x${cross_compiling}" = xyes; then
2202	:
2203	elif test "x$selectconfig" = "xfreebsd"; then
2204	LIBS="$LIBS -lkvm"
2205	sh_libkvm="-lkvm"
2206	elif test -f "${systemmap}"; then
2207
2208	test_kmap_open=no
2209
2210	if test -c /dev/kmem; then
2211	AC_MSG_CHECKING([whether /dev/kmem is useable])
2212	dd bs=4 count=16 if=/dev/kmem of=/dev/null >/dev/null 2>&1
2213	if test $? -eq 0; then
2214	test_kmap_open=yes
2215	fi
2216	AC_MSG_RESULT([${test_kmap_open}])
2217	fi
2218
2219	if test x"${test_kmap_open}" = xno; then
2220	# need kernel module
2221
2222	if test -f /lib/modules/${kernelversion}/build/include/linux/kernel.h; then
2223	lkm_inc="-I/lib/modules/${kernelversion}/build/include"
2224	else
2225	AC_MSG_WARN([--enable-khide: /lib/modules/${kernelversion}/build/include/linux not found])
2226	AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2227	AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2228	fi
2229
2230	AC_MSG_CHECKING([for vmlist_lock])
2231	sh_vmlist_lock=`egrep ['[bdBD] vmlist_lock$'] ${systemmap} \| awk '{print $1}'`
2232	if test x"$sh_vmlist_lock" = x; then
2233	AC_MSG_RESULT(no)
2234	else
2235	sh_vmlist_lock="0x${sh_vmlist_lock}"
2236	AC_MSG_RESULT([${sh_vmlist_lock}])
2237	AC_DEFINE_UNQUOTED(SH_VMLIST_LOCK, ${sh_vmlist_lock}, [The address of the vmlist spinlock])
2238	fi
2239
2240	AC_MSG_CHECKING([for vmlist])
2241	sh_vmlist=`egrep ['[bdBD] vmlist$'] ${systemmap} \| awk '{print $1}'`
2242	if test x"$sh_vmlist" = x; then
2243	AC_MSG_RESULT(no)
2244	else
2245	sh_vmlist="0x${sh_vmlist}"
2246	AC_MSG_RESULT([${sh_vmlist}])
2247	AC_DEFINE_UNQUOTED(SH_VMLIST, ${sh_vmlist}, [The address of the vmlist])
2248	fi
2249
2250	sh_lkm="${sh_lkm} samhain_kmem.ko"
2251	sh_insmod_pre="modprobe ${install_name}_kmem"
2252
2253	fi
2254	else
2255	AC_MSG_ERROR([Option --with-kcheck=systemmap cannot be used, because system map ${systemmap} does not exist.])
2256	fi
2257	fi
2258	]
2259	)
2260
2261	AC_SUBST(lkm_inc)
2262	AC_SUBST(sh_lkm)
2263	AC_SUBST(sh_insmod_cmd)
2264	AC_SUBST(sh_insmod_pre)
2265
2266	AC_SUBST(systemmap)
2267	AC_SUBST(sh_libkvm)
2268
2269	AC_ARG_ENABLE(base,
2270	[ --enable-base=B1,B2 base key (0...2147483647)],
2271	[
2272	AC_MSG_CHECKING(base key setting)
2273	my_key_A=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $1}'`
2274	my_key_B=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $2}'`
2275	AC_MSG_RESULT(${my_key_A} ${my_key_B})
2276	if test "x${my_key_A}" = x; then
2277	AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
2278	fi
2279	if test "x${my_key_B}" = x; then
2280	AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
2281	fi
2282	echo "${my_key_A}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2283	AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2284	echo "${my_key_B}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2285	AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2286	],
2287	[
2288	AC_MSG_CHECKING(base key setting .. collecting entropy)
2289	my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2290	my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2291	my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2292	my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2293	my_key_A=`expr $my_key_1 \* 32767`
2294	my_key_A=`echo ${my_key_A} \| sed 's%^0*%%g' 2>/dev/null`
2295	my_key_A=`expr $my_key_A \+ $my_key_2`
2296	my_key_B=`expr $my_key_3 \* 32767`
2297	my_key_B=`echo ${my_key_B} \| sed 's%^0*%%g' 2>/dev/null`
2298	my_key_B=`expr $my_key_B \+ $my_key_4`
2299	AC_MSG_RESULT(${my_key_A} ${my_key_B})
2300	]
2301	)
2302	AC_SUBST(my_key_A)
2303	AC_SUBST(my_key_B)
2304
2305	dnl low bytes
2306	my_key_1=`expr $my_key_A \% 65536`
2307	dnl high bytes
2308	my_key_2=`expr $my_key_A \/ 65536`
2309	dnl low bytes
2310	my_key_3=`expr $my_key_B \% 65536`
2311	dnl high bytes
2312	my_key_4=`expr $my_key_B \/ 65536`
2313
2314	dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2315
2316	dnl touch ./sh_MK.h
2317	dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2318	dnl echo "#define SH_MK_H" >> ./sh_MK.h
2319	dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2320	dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2321	dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2322	dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2323	dnl echo "#endif" >> ./sh_MK.h
2324	AC_SUBST(my_key_1)
2325	AC_SUBST(my_key_2)
2326	AC_SUBST(my_key_3)
2327	AC_SUBST(my_key_4)
2328
2329	AC_MSG_CHECKING(key position)
2330	pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2331	pos_tf_2=`expr $pos_tf_1 \% 8`
2332	pos_tf=`expr $pos_tf_2 + 1`
2333	AC_MSG_RESULT(${pos_tf})
2334	AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2335
2336	mykeybase=`echo ${my_key_A},${my_key_B}`
2337	AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2338	AC_SUBST(mykeybase)
2339
2340
2341	dnl
2342	dnl GPG/PGP options
2343	dnl
2344
2345	AC_ARG_WITH(gpg,
2346	[ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2347	[
2348	if test "x${withval}" != "xno"; then
2349	if test "x${cross_compiling}" = xyes; then
2350	mygpg="${withval}"
2351	else
2352	if test -f "${withval}"; then
2353	mygpg="${withval}"
2354	mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2355	if test "x$?" != "x0"; then
2356	mychktest=no
2357	for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2358	if test x"${mychktest}" = xyes
2359	then
2360	:
2361	else
2362	if test -f ${sampre}
2363	then
2364	echo "use existing ${sampre} for gpg checksum"
2365	mychk0=`${sampre} -H ${withval} 2>/dev/null`
2366	if test "x$?" != "x0"; then
2367	if test "x${nocl_code}" != "x"; then
2368	mychk0=`echo -H ${withval} \| ${sampre} ${nocl_code} 2>/dev/null`
2369	if test "x$?" != "x0"; then
2370	:
2371	else
2372	mychk="${mychk0}"
2373	mychktest=yes
2374	fi
2375	fi
2376	else
2377	mychk="${mychk0}"
2378	mychktest=yes
2379	fi
2380	fi
2381	fi
2382	done
2383	if test x${mychktest} = xno; then
2384	AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2385	echo "-------------------------------------------------------------"
2386	echo " Your gpg binary does not support the TIGER192 checksum, "
2387	echo " and I cannot find an existing samhain binary to use instead."
2388	echo " You can:"
2389	echo " (a) run make to compile a samhain binary, then repeat"
2390	echo " ./configure and make"
2391	echo " (b) ignore the failure. The checksum of the gpg binary"
2392	echo " will not get compiled in, thus allowing an attacker"
2393	echo " to replace gpg with a trojan and subverting the gpg"
2394	echo " signature verification of configure and database files."
2395	echo
2396	echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2397	echo "-------------------------------------------------------------"
2398	fi
2399	else
2400	mychk="${mychk0}"
2401	fi
2402	else
2403	AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
2404	fi
2405	fi
2406	AC_DEFINE(WITH_GPG)
2407	AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
2408	AC_SUBST(mygpg)
2409	fi
2410	]
2411	)
2412
2413	AC_ARG_WITH(keyid,
2414	[ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2415	[
2416	if test "x${withval}" != "x"; then
2417	echo "${withval}" \| awk '{if((length($0)==10)\|\|(length($0)==18)){exit 2}else{exit 0}}' &&
2418	AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8\|16 hex digits])
2419	echo "${withval}" \| grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2420	AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8\|16 hex digits])
2421	mykeyid="$withval"
2422	mykeytag="--default-key"
2423	else
2424	mykeyid=""
2425	mykeytag=""
2426	fi
2427	AC_SUBST(mykeyid)
2428	AC_SUBST(mykeytag)
2429	]
2430	)
2431
2432	dnl AC_ARG_WITH(pgp,
2433	dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
2434	dnl [myppg="$withval"
2435	dnl AC_DEFINE(WITH_PGP)
2436	dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
2437	dnl ])
2438
2439	AC_ARG_WITH(checksum,
2440	[ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
2441	[
2442	if test "x${withval}" != "xno"; then
2443	if test "x${withval}" != "xyes"; then
2444	if test "x${mychk}" != "x"; then
2445	if test "x${mychk}" != "x${withval}"; then
2446	AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
2447	AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2448	AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2449	fi
2450	fi
2451	mychk="${withval}"
2452	else
2453	if test "x${mychk}" = "x"; then
2454	AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the gpg binary not specified.])
2455	fi
2456	fi
2457	AC_DEFINE(HAVE_GPG_CHECKSUM)
2458	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2459	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2460	fi
2461	],
2462	[
2463	if test "x${mygpg}" != "x"; then
2464	if test "x${mychk}" != "x"; then
2465	AC_DEFINE(HAVE_GPG_CHECKSUM)
2466	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2467	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2468	fi
2469	fi
2470	]
2471	)
2472
2473	AC_ARG_WITH(fp,
2474	[ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2475	[
2476	if test "x${withval}" != "xno"; then
2477	if test "x${withval}" != "xyes"; then
2478	withval0=`echo ${withval} \| sed 's% %%g'`
2479	echo "${withval0}" \| \
2480	grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
2481	AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
2482	sh_len=`echo ${withval0} \| wc -c \| sed 's% %%g'`
2483	sh_len0=`expr ${sh_len} \- 1`
2484	if test "x${sh_len0}" = "x40" \|\| test "x${sh_len0}" = "x32"
2485	then
2486	myfp="${withval0}"
2487	AC_DEFINE(USE_FINGERPRINT)
2488	AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2489	echo "${myfp}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2490	else
2491	AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
2492	fi
2493	else
2494	AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
2495	fi
2496	fi
2497	])
2498
2499
2500	dnl
2501	dnl MAIL OPTIONS
2502	dnl
2503
2504	AC_ARG_WITH(recipient,
2505	[ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2506	[
2507	withval0=`echo ${withval} \| sed 's%,% %g'`
2508	for sh_item in ${withval0}
2509	do
2510	case ${sh_item} in
2511	*@localhost)
2512	;;
2513	@.*)
2514	sh_tmp=`echo ${sh_item} \| awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+\|[0-9]+)$/]) {print 1; } else { print 0}}'`
2515	if test "x${sh_tmp}" != "x1"
2516	then
2517	AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2518	fi
2519	;;
2520	*)
2521	AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2522	;;
2523	esac
2524	done
2525	myrcp="$withval0"
2526	],
2527	[myrcp="NULL"])
2528	AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2529
2530
2531	AC_ARG_WITH(sender,
2532	[ --with-sender=SENDER set sender for e-mail [[daemon]]],
2533	[
2534	mysender="${withval}"
2535	],
2536	[
2537	mysender="daemon"
2538	])
2539	AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2540
2541
2542	dnl
2543	dnl PATHS
2544	dnl
2545
2546	AC_ARG_WITH(trusted,
2547	[ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2548	[
2549	sh_tmp_test=no
2550	sh_tmp=`echo ${withval} \| sed 's%,% %g'`
2551	for sh_tmp1 in ${sh_tmp}
2552	do
2553	echo "${sh_tmp1}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2554	AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
2555	if test "x${sh_tmp1}" = "x0"
2556	then
2557	sh_tmp_test=yes
2558	fi
2559	done
2560	if test "x${sh_tmp_test}" = "xno"
2561	then
2562	withval="0,${withval}"
2563	fi
2564	mytrust="${withval}"
2565	],
2566	[mytrust="0"] )
2567	AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2568	AC_SUBST(mytrust)
2569
2570	mytmpdir=
2571
2572	AC_ARG_WITH(tmp-dir,
2573	[ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2574	[
2575	if test "x${cross_compiling}" = xyes; then
2576	mytmpdir="$withval"
2577	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2578	else
2579	if test -d "${withval}"; then
2580	mytmpdir="$withval"
2581	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2582	else
2583	mytmpdir="$withval"
2584	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2585	AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
2586	fi
2587	fi
2588	]
2589	)
2590
2591	AC_SUBST(mytmpdir)
2592
2593
2594	dnl
2595	dnl PATH DEFAULTS
2596	dnl
2597
2598	if test "x${ac_prefix_set}" = xyes
2599	then
2600	if test "x${exec_prefix}" = xNONE
2601	then
2602	exec_prefix="${prefix}"
2603	fi
2604
2605	if test "x${prefix}" = xOPT
2606	then
2607	tmp_sbindir="/opt/${install_name}/bin"
2608	tmp_sysconfdir="/etc/opt"
2609	tmp_mandir="/opt/${install_name}/man"
2610	tmp_localstatedir="/var/opt/${install_name}"
2611	elif test "x${prefix}" = xUSR
2612	then
2613	tmp_sbindir="/usr/sbin"
2614	tmp_sysconfdir="/etc"
2615	tmp_mandir="/usr/share/man"
2616	tmp_localstatedir="/var"
2617	else
2618	tmp_sbindir=`eval echo ${sbindir}`
2619	tmp_sysconfdir=`eval echo ${sysconfdir}`
2620	tmp_mandir=`eval echo ${mandir}`
2621	tmp_localstatedir=`eval echo ${localstatedir}`
2622	fi
2623	else
2624	prefix=""
2625	if test "x${ac_exec_prefix_set}" = xyes
2626	then
2627	tmp_sbindir=`eval echo ${sbindir}`
2628	else
2629	tmp_sbindir="/usr/local/sbin"
2630	fi
2631	tmp_sysconfdir="/etc"
2632	# share/man -> man (FHS) 11.10.2002
2633	tmp_mandir="/usr/local/man"
2634	tmp_localstatedir="/var"
2635	fi
2636
2637
2638	if test "x${ac_sbindir_set}" = xyes
2639	then
2640	:
2641	else
2642	sbindir=`eval echo ${tmp_sbindir}`
2643	fi
2644
2645
2646	if test "x${ac_sysconfdir_set}" = xyes
2647	then
2648	:
2649	else
2650	sysconfdir=`eval echo ${tmp_sysconfdir}`
2651	fi
2652
2653	if test "x${ac_mandir_set}" = xyes
2654	then
2655	:
2656	else
2657	mandir=`eval echo ${tmp_mandir}`
2658	fi
2659
2660	if test "x${ac_localstatedir_set}" = xyes
2661	then
2662	:
2663	else
2664	localstatedir=`eval echo ${tmp_localstatedir}`
2665	fi
2666
2667
2668
2669	AC_ARG_WITH(config-file,
2670	[ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2671	[
2672	myconffile="${withval}"
2673	changequote(<<, >>)dnl
2674	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2675	sysconfdir=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2676	myrpmconffile="${tmp}"
2677	changequote([, ])dnl
2678	],
2679	[
2680	myconffile="${sysconfdir}/${install_name}rc"
2681	myrpmconffile="${myconffile}"
2682	]
2683	)
2684	AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2685	AC_SUBST(myconffile)
2686	AC_SUBST(myrpmconffile)
2687
2688	AC_ARG_WITH(log-file,
2689	[ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2690	[
2691	mylogfile="$withval"
2692	changequote(<<, >>)dnl
2693	mylogdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2694	changequote([, ])dnl
2695	],
2696	[
2697	if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2698	mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2699	mylogdir="${localstatedir}/log/${install_name}"
2700	else
2701	mylogfile="${localstatedir}/log/${install_name}_log"
2702	mylogdir="${localstatedir}/log"
2703	fi
2704	]
2705	)
2706	AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2707	AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2708	AC_SUBST(mylogfile)
2709	AC_SUBST(mylogdir)
2710
2711	AC_ARG_WITH(pid-file,
2712	[ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2713	[
2714	mylockfile="$withval"
2715	changequote(<<, >>)dnl
2716	mylockdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2717	changequote([, ])dnl
2718	],
2719	[
2720	if test -h /var/run && test -d /run; then
2721	mylockfile="/run/${install_name}.pid"
2722	mylockdir="/run"
2723	else
2724	mylockfile="${localstatedir}/run/${install_name}.pid"
2725	mylockdir="${localstatedir}/run"
2726	fi
2727	]
2728	)
2729	AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2730	AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2731	AC_SUBST(mylockfile)
2732	AC_SUBST(mylockdir)
2733
2734	AC_ARG_WITH(state-dir,
2735	[ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2736	[
2737	mydataroot="$withval"
2738	],
2739	[
2740	mydataroot="${localstatedir}/lib/${install_name}"
2741	]
2742	)
2743	AC_ARG_WITH(data-file,
2744	[ --with-data-file=FILE set path of data file],
2745	[
2746	mydatafile="$withval"
2747	changequote(<<, >>)dnl
2748	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2749	mydataroot=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2750	myrpmdatafile="${tmp}"
2751	changequote([, ])dnl
2752	if test x"${tmp}" = x
2753	then
2754	echo "No local path in data file ${withval}"
2755	echo "This will not work for initializing the database."
2756	if test x"${withval}" = xREQ_FROM_SERVER
2757	then
2758	echo "It should be REQ_FROM_SERVER/some/local/path"
2759	fi
2760	AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
2761	fi
2762	],
2763	[
2764	mydatafile="${mydataroot}/${install_name}_file"
2765	myrpmdatafile="${mydatafile}"
2766	])
2767	AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2768	AC_SUBST(mydatafile)
2769	AC_SUBST(myrpmdatafile)
2770
2771	AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2772	AC_SUBST(mydataroot)
2773
2774	AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2775	AC_SUBST(myqdir)
2776
2777
2778	AC_ARG_WITH(html-file,
2779	[ --with-html-file=FILE set path of html file,],
2780	[
2781	myhtmlfile="$withval"
2782	],
2783	[
2784	myhtmlfile="${mylogdir}/${install_name}.html"
2785	])
2786	AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2787	AC_SUBST(myhtmlfile)
2788
2789
2790	mydefargs=$ac_configure_args
2791	# if test -z "`echo "$mydefargs" \| grep "\-\-enable\-static" 2> /dev/null`"
2792	# then
2793	# mydefargs="--enable-static $mydefargs"
2794	# fi
2795	if test -z "`echo "$mydefargs" \| grep "\-\-enable\-base" 2> /dev/null`"
2796	then
2797	mydefargs="--enable-base=${mykeybase} $mydefargs"
2798	fi
2799	AC_SUBST(mydefargs)
2800
2801
2802	AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2803	AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2804	AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2805
2806	AC_CONFIG_HEADER(config.h)
2807
2808	AC_OUTPUT(
2809	[
2810	Makefile
2811	samhain-install.sh
2812	init/samhain.startLSB
2813	init/samhain.startLinux
2814	init/samhain.startGentoo
2815	init/samhain.startFreeBSD
2816	init/samhain.startSolaris
2817	init/samhain.startHPUX
2818	init/samhain.startIRIX
2819	init/samhain.startMACOSX
2820	samhain.spec
2821	rules.deb
2822	rules.deb-light
2823	hp_ux.psf
2824	scripts/logrotate
2825	scripts/samhain.spec
2826	scripts/redhat_i386.client.spec
2827	scripts/samhain.ebuild
2828	scripts/samhain.ebuild-light
2829	scripts/samhainadmin.pl
2830	scripts/yuleadmin.pl
2831	scripts/check_samhain.pl
2832	deploy.sh
2833	],
2834	[
2835	echo timestamp > stamp-h
2836	chmod +x samhain-install.sh
2837	chmod +x scripts/samhainadmin.pl
2838	chmod +x scripts/yuleadmin.pl
2839	chmod +x scripts/check_samhain.pl
2840	]
2841	)
2842
2843	chmod +x deploy.sh
2844
2845	if test "x${cross_compiling}" = xyes
2846	then
2847
2848	echo "--------------------------------------------------------------"
2849	echo
2850	echo "You are using a cross-compiler. The following system dependent"
2851	echo "values may have been set to default values that may be"
2852	echo "incorrect for your target system: "
2853	echo
2854	echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2855	echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2856	echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2857	echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2858	echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
2859	echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2860	echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2861	echo
2862	echo "If these values are incorrect, change them in the file "
2863	echo "config.cache and run configure again."
2864	echo
2865	echo "--------------------------------------------------------------"
2866
2867	fi
2868
2869	if test x${silent} != xyes
2870	then
2871
2872	# A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2873	# B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2874	# C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2875	# D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2876	# E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2877	# F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2878
2879	echo
2880	echo " samhain has been configured as follows:"
2881	echo " System binaries: ${sbindir}"
2882	echo " Configuration file: ${myconffile}"
2883	echo " Manual pages: ${mandir}"
2884	echo " Data: ${mydataroot}"
2885	echo " PID file: ${mylockfile}"
2886	echo " Log file: ${mylogfile}"
2887	echo " Base key: ${mykeybase}"
2888	if test x"$mykeyid" != x
2889	then
2890	echo " target GPG/PGP key: ${mykeyid}"
2891	fi
2892	echo
2893	if test x"$mytclient" = x"-DSH_WITH_SERVER"
2894	then
2895	echo " Selected rc file: yulerc"
2896	else
2897	echo " Selected rc file: samhainrc.${selectconfig}"
2898	fi
2899
2900	fi
2901

Note: See TracBrowser for help on using the repository browser.

Download in other formats: