Context Navigation

source: trunk/configure.ac@ 46

Last change on this file since 46 was 46, checked in by rainer, 18 years ago
Fix x86_64 build failure with gcc 4.x (as well as some gcc 4.x warnings)
File size: 64.0 KB

Line
1
2	dnl We want to override the standard _AC_INIT_PARSE_ARGS
3	dnl
4	AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
5	AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
6
7	AC_INIT(src/samhain.c)
8
9
10	AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
11
12	dnl
13	dnl start
14	dnl
15	AM_INIT_AUTOMAKE(samhain, 2.2.1)
16	AC_CANONICAL_HOST
17
18	dnl
19	dnl checks for programs
20	dnl
21
22	AC_PROG_CC
23	AC_PROG_CPP
24	AC_PROG_INSTALL
25	AC_PROG_LN_S
26	AC_PROG_AWK
27	AC_PATH_PROG(cmd_hostname,hostname)
28	AC_SUBST(cmd_hostname)
29
30	GCC_STACK_PROTECT_CC
31
32	AC_HEADER_STDC
33	dnl
34	dnl first one is a dummy because of an autoconf bug
35	dnl (no HAVE_... for first one)
36	dnl
37	AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
38
39
40	AC_MSG_CHECKING([for host-specific issues])
41	mydebugflag=no
42	myneedg3=no
43	uid_cast="signed long"
44	selectconfig=linux
45	mynetbsd=no
46	sh_use_lcaps="undef"
47
48	case "$host_os" in
49
50	linux)
51	sh_use_lcaps="yes"
52	AC_DEFINE(HOST_IS_LINUX)
53	AC_DEFINE(HAVE_EXT2_IOCTLS)
54	AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
55	case "$host_cpu" in
56	i86)
57	AC_DEFINE(HOST_IS_I86LINUX)
58	;;
59	*)
60	;;
61	esac
62	;;
63
64	osf)
65	AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
66	if test "x$GCC" != "xyes"; then
67	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
68	CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
69	myneedg3=yes
70	AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
71	else
72	AC_MSG_RESULT(none)
73	fi
74	;;
75
76	cygwin)
77	AC_DEFINE(HOST_IS_CYGWIN)
78	AC_MSG_RESULT(CYGWIN do not check for trusted paths)
79	;;
80
81	darwin)
82	AC_DEFINE(HOST_IS_DARWIN)
83	AC_MSG_RESULT(DARWIN check resource forks)
84	;;
85
86	freebsd)
87	AC_DEFINE(HOST_IS_FREEBSD)
88	selectconfig=freebsd
89	AC_MSG_RESULT(none)
90	;;
91
92	openbsd)
93	selectconfig=freebsd
94	AC_MSG_RESULT(none)
95	;;
96
97	netbsd)
98	mynetbsd=yes
99	AC_MSG_RESULT(NETBSD bug with libresolve)
100	;;
101
102	solaris)
103	selectconfig=solaris
104	AC_DEFINE(HOST_IS_SOLARIS)
105	case "$host_cpu" in
106	i*86)
107	AC_DEFINE(HOST_IS_I86SOLARIS)
108	AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
109	;;
110	*)
111	AC_MSG_RESULT(none)
112	;;
113	esac
114	if test "x$GCC" != "xyes"; then
115	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
116	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
117	fi
118	if test -z "`echo "$CFLAGS" \| grep "\-xO2" 2> /dev/null`"; then
119	CFLAGS="$CFLAGS -xO2"
120	fi
121	if test -z "`echo "$CFLAGS" \| grep "\-Xa" 2> /dev/null`"; then
122	CFLAGS="$CFLAGS -Xa"
123	fi
124	LIBS="-lc $LIBS"
125	fi
126	;;
127
128
129	sun)
130	selectconfig=solaris
131	AC_DEFINE(HOST_IS_SOLARIS)
132	AC_MSG_RESULT(none)
133	;;
134
135	aix)
136	AC_DEFINE(HOST_IS_AIX)
137	selectconfig=aix5.2.0
138	uid_cast="unsigned long"
139	if test "x$GCC" != "xyes"; then
140	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
141	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
142	fi
143	if test -z "`echo "$CFLAGS" \| grep "\-O3" 2> /dev/null`"; then
144	CFLAGS="$CFLAGS -O3"
145	fi
146	if test -z "`echo "$CFLAGS" \| grep "\-qstrict" 2> /dev/null`"; then
147	CFLAGS="$CFLAGS -qstrict"
148	fi
149	AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
150	else
151	AC_MSG_RESULT(AIX size_t in the accept call)
152	fi
153	;;
154
155	hpux)
156	AC_MSG_RESULT(HPUX has not always h_errno defined)
157	AC_DEFINE(HOST_IS_HPUX)
158	if test "x$GCC" != "xyes"; then
159	if test ! -z "`echo "$CFLAGS" \| grep "\-g" 2> /dev/null`" ; then
160	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
161	fi
162	if test -z "`echo "$CFLAGS" \| grep "\-fast" 2> /dev/null`"; then
163	CFLAGS="$CFLAGS -fast"
164	fi
165	fi
166	;;
167
168	ultrix)
169	AC_MSG_RESULT(ULTRIX getcwd uses popen)
170	AC_DEFINE(HAVE_BROKEN_GETCWD)
171	;;
172
173	*)
174	AC_MSG_RESULT(none)
175	;;
176	esac
177
178	AC_SUBST(selectconfig)
179	AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
180
181
182	dnl *****************************************
183	dnl
184	dnl checks for header files
185	dnl
186	dnl *****************************************
187
188	AC_HEADER_DIRENT
189	AC_HEADER_MAJOR
190	AC_HEADER_TIME
191	dnl used in minilzo.c
192	AC_HEADER_STAT
193	AC_DECL_SYS_SIGLIST
194
195	AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
196	sys/vfs.h \
197	sys/select.h sys/socket.h netinet/in.h \
198	regex.h glob.h \
199	linux/ext2_fs.h ext2fs/ext2_fs.h \
200	paths.h arpa/nameser.h arpa/nameser_compat.h,
201	[],
202	[],
203	[#include <sys/types.h>]
204	)
205
206
207	AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
208	if test "x$sh_utmpx" = "xyes"; then
209	if cat "/usr/include/utmpx.h" 2>&5 \|
210	egrep "WTMPX_FILE" >/dev/null 2>&1; then
211	AC_DEFINE(HAVE_UTMPX_H)
212	AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
213	AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
214	AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
215	AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
216	else
217	AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
218	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
219	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
220	fi
221	else
222	AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
223	AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
224	fi
225
226	dnl need to check because AIX 4.2 does not have it
227	dnl
228	AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
229	#ifdef HAVE_SYS_TYPES_H
230	#include <sys/types.h>
231	#endif
232	#ifdef HAVE_SYS_STAT_H
233	#include <sys/stat.h>
234	#endif
235	#ifdef HAVE_SYS_VFS_H
236	#include <sys/vfs.h>
237	#endif
238	#ifdef HAVE_UNISTD_H
239	#include <unistd.h>
240	#endif
241	])
242
243	AC_SYS_LARGEFILE
244
245	dnl
246	dnl check whether _POSIX_SOURCE is required
247	dnl
248	SAMHAIN_POSIX
249
250
251	dnl *****************************************
252	dnl
253	dnl Checks for library functions.
254	dnl
255	dnl *****************************************
256	AC_FUNC_STRFTIME
257	AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
258	gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
259	seteuid setreuid setresuid lstat getwd getcwd ptrace \
260	usleep setpriority getpeereid nanosleep \
261	strptime basename sched_yield \
262	inet_aton gethostbyname setutent setrlimit gethostname uname \
263	initgroups getpagesize \
264	ttyname fchmod
265	)
266	AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
267	SL_CHECK_VA_COPY
268	AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
269	AC_CHECK_MLOCK
270
271	AC_MSG_CHECKING(how to get filesystem type)
272	fstype=no
273	# The order of these tests is important.
274	AC_TRY_CPP([#include <sys/statvfs.h>
275	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
276	if test $fstype = no; then
277	AC_TRY_CPP([#include <sys/statfs.h>
278	#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
279	fi
280	if test $fstype = no; then
281	AC_TRY_CPP([#include <sys/statfs.h>
282	#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
283	fi
284	if test $fstype = no; then
285	AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
286	fi
287	if test $fstype = no; then
288	AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
289	fi
290	if test $fstype = no; then
291	AC_TRY_CPP([#include <sys/mount.h>
292	#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
293	fi
294	AC_MSG_RESULT($fstype)
295
296	sh_libsocket=
297
298	dnl Solaris needs -lsocket and -lnsl. Unisys system includes
299	dnl gethostbyname in libsocket but needs libnsl for socket.
300	AC_CHECK_LIB(nsl, gethostbyname)
301	AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
302	if test x$ac_need_libsocket = x1; then
303	LIBS="$LIBS -lsocket"
304	sh_libsocket="-lsocket"
305	fi
306	if test x$ac_try_nsl = x1; then
307	AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
308	if test x$ac_need_libnsl = x1
309	then
310	LIBS="$LIBS -lnsl"
311	fi
312	fi
313	AC_SUBST(sh_libsocket)
314
315	AC_CHECK_LIB(socket, res_search, [
316	AC_CHECK_LIB(resolv, dn_skipname)
317	AC_CHECK_LIB(resolv, __dn_skipname)
318	if test x$ac_need_libsocket = x1; then
319	:
320	else
321	LIBS="$LIBS -lsocket"
322	fi
323	], [
324	AC_CHECK_LIB(resolv, res_search, [
325	LIBS="$LIBS -lresolv"
326	], [
327	AC_CHECK_LIB(resolv, dn_skipname)
328	AC_CHECK_LIB(resolv, __dn_skipname)
329	])
330	])
331
332	dnl arguments for accept
333
334	dnl check for Unix98 socklen_t (found on
335	dnl xemacs-patches mailing list, written
336	dnl by Martin Buchholz)
337	dnl
338	dnl On Darwin(MacOSX) socklen_t needs to be
339	dnl an int (see accept man page), on all other
340	dnl unix systems we need a size_t.
341
342	AC_MSG_CHECKING(for socklen_t)
343	AC_TRY_COMPILE([
344	#ifdef HAVE_SYS_TYPES_H
345	#include <sys/types.h>
346	#endif
347	#ifdef HAVE_SYS_SOCKET_H
348	#include <sys/socket.h>
349	#endif
350	socklen_t x;
351	], [],[
352	AC_MSG_RESULT(yes)
353	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
354	AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
355	],[
356	AC_TRY_COMPILE([
357	#ifdef HAVE_SYS_TYPES_H
358	#include <sys/types.h>
359	#endif
360	#ifdef HAVE_SYS_SOCKET_H
361	#include <sys/socket.h>
362	#endif
363	int accept (int, struct sockaddr , size_t );
364	],[],[
365	AC_MSG_RESULT(size_t)
366	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
367	], [
368	AC_MSG_RESULT(int)
369	AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
370	]
371	)
372	])
373
374
375	dnl *****************************************
376	dnl checks for typedefs
377	dnl *****************************************
378
379	AC_C_LONG_DOUBLE
380	SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
381	if test "$sh_HAVE_LONG_LONG" = "yes"; then
382	AC_CHECK_SIZEOF(unsigned long long, 4)
383	if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
384	AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
385	fi
386	fi
387
388	AC_CHECK_TYPE(ptrdiff_t, long)
389	AC_TYPE_SIZE_T
390	AC_CHECK_SIZEOF(char *, 4)
391	AC_CHECK_SIZEOF(size_t, 4)
392
393	AC_CHECK_SIZEOF(unsigned long, 4)
394	AC_CHECK_SIZEOF(unsigned int , 4)
395	AC_CHECK_SIZEOF(unsigned short, 2)
396
397
398	if test "$ac_cv_sizeof_unsigned_long" = "4"; then
399	AC_DEFINE(HAVE_LONG_32)
400	fi
401	if test "$ac_cv_sizeof_unsigned_long" = "8"; then
402	AC_DEFINE(HAVE_LONG_64)
403	fi
404	if test "$ac_cv_sizeof_unsigned_int" = "4"; then
405	AC_DEFINE(HAVE_INT_32)
406	fi
407
408	dnl
409	dnl For Alpha
410	dnl
411	if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
412	AC_DEFINE(HAVE_INT_32)
413	fi
414	if test "$ac_cv_sizeof_unsigned_short" = "4"; then
415	AC_DEFINE(HAVE_SHORT_32)
416	fi
417
418	dnl
419	dnl check for 64 bit programming environment
420	dnl
421	SAMHAIN_64
422
423
424	dnl *****************************************
425	dnl checks for structures
426	dnl *****************************************
427
428	AC_STRUCT_TM
429
430	dnl
431	dnl from e2fsprogs
432	dnl
433	AC_MSG_CHECKING(whether struct stat has a st_flags field)
434	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
435	AC_TRY_COMPILE([#include <sys/stat.h>],
436	[struct stat stat; stat.st_flags = 0;],
437	[e2fsprogs_cv_struct_st_flags=yes],
438	[e2fsprogs_cv_struct_st_flags=no]))
439	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
440	if test "$e2fsprogs_cv_struct_st_flags" = yes; then
441	AC_MSG_CHECKING(whether st_flags field is useful)
442	AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
443	AC_TRY_COMPILE([#include <sys/stat.h>],
444	[struct stat stat; stat.st_flags \|= UF_IMMUTABLE;],
445	[e2fsprogs_cv_struct_st_flags_immut=yes],
446	[e2fsprogs_cv_struct_st_flags_immut=no]))
447	AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
448	if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
449	AC_DEFINE(HAVE_STAT_FLAGS)
450	fi
451	fi
452
453	dnl
454	dnl from dbus
455	dnl
456	AC_MSG_CHECKING(for struct cmsgcred)
457	AC_TRY_COMPILE([
458	#include <sys/types.h>
459	#include <sys/socket.h>
460	],[
461	struct cmsgcred cred;
462
463	cred.cmcred_pid = 0;
464	],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
465	AC_MSG_RESULT($sh_have_struct_cmsgcred)
466
467	if test x$sh_have_struct_cmsgcred = xyes; then
468	AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
469	fi
470
471	AC_MSG_CHECKING(for struct fcred)
472	AC_TRY_COMPILE([
473	#include <sys/param.h>
474	#include <sys/socket.h>
475	#include <sys/ucred.h>
476	],[
477	struct fcred sockcred;
478	],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
479	AC_MSG_RESULT($sh_have_struct_fcred)
480
481	if test x$sh_have_struct_fcred = xyes; then
482	AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
483	fi
484
485	AC_MSG_CHECKING(for struct sockcred)
486	AC_TRY_COMPILE([
487	#include <sys/param.h>
488	#include <sys/socket.h>
489	#include <sys/ucred.h>
490	],[
491	struct sockcred sockcred;
492	],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
493	AC_MSG_RESULT($sh_have_struct_sockcred)
494
495	if test x$sh_have_struct_sockcred = xyes; then
496	AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
497	fi
498
499	AC_MSG_CHECKING(for SO_PEERCRED)
500	AC_TRY_COMPILE([
501	#include <sys/types.h>
502	#include <sys/socket.h>
503	],[
504	int test = SO_PEERCRED;
505	],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
506	AC_MSG_RESULT($sh_have_SO_PEERCRED)
507
508	if test x$sh_have_SO_PEERCRED = xyes; then
509	AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
510	fi
511
512
513	dnl *****************************************
514	dnl checks for compiler characteristics
515	dnl *****************************************
516	AC_C_INLINE
517	AC_C_CONST
518	AC_C_BIGENDIAN
519
520	AM_SA_SIGACTION_WORKS
521
522	dnl *****************************************
523	dnl
524	dnl checks for system services
525	dnl
526	dnl *****************************************
527
528	dnl
529	dnl check for GNU gmp
530	dnl
531	AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
532	if test "x${sh_have_gmp}" = xno
533	then
534	AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
535	fi
536	if test "x${sh_have_gmp}" = xyes
537	then
538	# LIBS="-lgmp $LIBS"
539	AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
540	fi
541	AC_CHECK_HEADERS(gmp.h)
542
543
544	dnl *****************************************
545	dnl
546	dnl enable features
547	dnl
548	dnl *****************************************
549
550	AC_ARG_ENABLE(db-reload,
551	[ --enable-db-reload enable database reload on SIGHUP [no]],
552	[
553	if test "x${enable_db_reload}" = xyes; then
554	AC_DEFINE(RELOAD_DATABASE)
555	fi
556	]
557	)
558
559	AC_ARG_ENABLE(xml-log,
560	[ --enable-xml-log enable XML logfile format [[no]]],
561	[
562	if test "x${enable_xml_log}" = xyes; then
563	AC_DEFINE(SH_USE_XML)
564	fi
565	]
566	)
567
568
569	AC_ARG_ENABLE(mail,
570	[ --disable-mail disable the internal SMTP mailer],
571	[
572	if test "x${enable_mail}" = xno; then
573	:
574	else
575	AC_DEFINE(SH_WITH_MAIL)
576	fi
577	],
578	[AC_DEFINE(SH_WITH_MAIL)]
579	)
580
581	AC_ARG_ENABLE(external-scripts,
582	[ --disable-external-scripts disable interface to external scripts],
583	[
584	if test "x${enableval}" = xno; then
585	:
586	else
587	AC_DEFINE(WITH_EXTERNAL)
588	fi
589	],
590	[AC_DEFINE(WITH_EXTERNAL)]
591	)
592
593	AC_ARG_ENABLE(message-queue,
594	[ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
595	[
596	if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
597	if test "x${enable_message_queue}" = xyes; then
598	AC_DEFINE(WITH_MESSAGE_QUEUE)
599	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
600	elif test "x${enable_message_queue}" != xno; then
601	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
602	AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
603	echo "${enableval}" \| \
604	grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 \|\|
605	AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
606	AC_DEFINE(WITH_MESSAGE_QUEUE)
607	AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
608	fi
609	else
610	echo
611	echo "**********************************************"
612	echo
613	AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
614	echo
615	echo "**********************************************"
616	echo
617	fi
618	]
619	)
620
621	AC_ARG_WITH(cflags,
622	[ --with-cflags additional flags to pass to compiler],
623	[
624	if test "x$withval" != "xno" ; then
625	CFLAGS="$CFLAGS $withval"
626	fi
627	]
628	)
629	AC_ARG_WITH(libs,
630	[ --with-libs additional libraries to link with],
631	[
632	if test "x$withval" != "xno" ; then
633	LIBS="$LIBS $withval"
634	fi
635	]
636	)
637
638
639	#
640	# this is from ssh
641	#
642	AC_MSG_CHECKING(whether to use libwrap)
643	LIBWRAP_LIB=""
644	LIBWRAP_INC=""
645	AC_ARG_WITH(libwrap,
646	[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
647	[ AC_MSG_RESULT($withval)
648	case "$withval" in
649	no)
650	;;
651	""\|yes)
652	LIBWRAP_LIB="-lwrap"
653	;;
654	*)
655	if test -d "$withval"; then
656	LIBWRAP_LIB="-L$withval -lwrap"
657	changequote(<<, >>)dnl
658	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
659	LIBWRAP_INC="-I${sh_libwrap_inc}/include"
660	changequote([, ])dnl
661	else
662	LIBWRAP_LIB="-lwrap"
663	changequote(<<, >>)dnl
664	sh_libwrap_inc=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
665	LIBWRAP_INC="-I${sh_libwrap_inc}"
666	changequote([, ])dnl
667	fi
668	;;
669	esac
670	if test -n "$LIBWRAP_LIB"; then
671	# OLDLIBS="$LIBS"
672	LIBS="$LIBWRAP_LIB $LIBS"
673	# OLDCFLAGS="$CFLAGS"
674	CFLAGS="$CFLAGS $LIBWRAP_INC"
675	AC_CHECK_HEADER(tcpd.h,
676	[],
677	[ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
678	AC_TRY_LINK([ #include <tcpd.h>
679	int allow_severity; int deny_severity; ],
680	[ hosts_access((struct request_info *) 0); ],
681	[ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
682	[ AC_MSG_ERROR([Could not find the libwrap library.]) ])
683	fi ],
684	AC_MSG_RESULT(no)
685	)
686
687
688	#
689	# this is from the snort configure.in
690	#
691	AC_DEFUN(FAIL_MESSAGE,[
692	echo
693	echo
694	echo "**********************************************"
695	echo " ERROR: unable to find" $1
696	echo " checked in the following places"
697	for i in `echo $2`; do
698	echo " $i"
699	done
700	echo "**********************************************"
701	echo
702	exit
703	])
704
705	AC_ARG_WITH(libprelude-prefix,
706	[ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
707	libprelude_config_prefix="$withval", libprelude_config_prefix="")
708
709	AC_MSG_CHECKING(whether to use prelude)
710	AC_ARG_WITH(prelude,
711	[ --with-prelude Prelude IDS support [[no]]],
712	[
713	if test "x${withval}" = "xno"; then
714	AC_MSG_RESULT(no)
715	else
716	AC_MSG_RESULT(yes)
717	if test x$libprelude_config_prefix != x ; then
718	if test x${LIBPRELUDE_CONFIG+set} != xset ; then
719	LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
720	fi
721	fi
722
723	AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
724	if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
725	HAVE_PRELUDE_CONFIG=no
726	else
727	HAVE_PRELUDE_CONFIG=yes
728	fi
729	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
730	if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
731	sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
732	case "$sh_libprelude_version" in
733	0.8*)
734	sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
735	sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
736	LIBS="$LIBS ${sh_prelude_libs}"
737	CFLAGS="$CFLAGS ${sh_prelude_cflags}"
738	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
739	AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
740	;;
741	*)
742	AM_PATH_LIBPRELUDE([0.9.6],
743	[
744	AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
745	AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
746	CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
747	LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
748	LIBS="$LIBS $LIBPRELUDE_LIBS"
749	],
750	[
751	AC_MSG_ERROR([Could not find libprelude.])
752	])
753	;;
754	esac
755	else
756	AC_MSG_ERROR([Could not find libprelude.])
757	fi
758	fi
759	],
760	[
761	AC_MSG_RESULT(no)
762	]
763	)
764
765	dnl AC_MSG_CHECKING(whether to use prelude)
766	dnl AC_ARG_WITH(prelude,
767	dnl [ --with-prelude Prelude IDS support [[no]]],
768	dnl [
769	dnl if test "x${withval}" = "xno"; then
770	dnl AC_MSG_RESULT(no)
771	dnl else
772	dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
773	dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
774	dnl sh_prelude_libs=`libprelude-config --libs \| sed 's,\(.\)\( -L. -lprelude$\),\2 \1,'`
775	dnl sh_prelude_cflags=`libprelude-config --cflags`
776	dnl LIBS="$LIBS ${sh_prelude_libs}"
777	dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
778	dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
779	dnl else
780	dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
781	dnl fi
782	dnl fi
783	dnl ],
784	dnl AC_MSG_RESULT(no)
785	dnl )
786
787	AC_ARG_ENABLE(static,
788	[ --enable-static enable static linking (recommended) [[no]]],
789	[
790	if test x$enable_static = xyes; then
791	if test x"$mynetbsd" = xyes
792	then
793	tmp_LIBS=`echo $LIBS \| sed 's%\-lresolv%%' `
794	LIBS="${tmp_LIBS}"
795	fi
796	AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
797	if test "x$GCC" = "xyes"; then
798	LDFLAGS="$LDFLAGS -static"
799	else
800	case "$host_os" in
801
802	aix)
803	LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
804	;;
805
806	hpux)
807	LDFLAGS="$LDFLAGS -Wl,-a,archive"
808	;;
809
810	osf)
811	LDFLAGS="$LDFLAGS -non_shared"
812	;;
813
814	irix)
815	LDFLAGS="$LDFLAGS -non_shared"
816	;;
817
818	sco)
819	LDFLAGS="$LDFLAGS -dn"
820	;;
821
822	sun)
823	LDFLAGS="$LDFLAGS -Bstatic"
824	;;
825
826	solaris)
827	LDFLAGS="$LDFLAGS -Bstatic"
828	;;
829
830	*)
831	echo "***********************************************"
832	echo "*"
833	echo "* Don't know how to enable static linking"
834	echo "* with your compiler. Please set the environment"
835	echo "* variable LDFLAGS to:"
836	echo "* ${LDFLAGS} + the static linking flag"
837	echo "* and run configure again"
838	echo "*"
839	echo "***********************************************"
840	;;
841
842	esac
843	fi
844	fi
845	]
846	)
847
848	#
849	# partly based on the snort configure.in
850	#
851	AC_ARG_WITH(database,
852	[ --with-database=[[mysql\|postgresql\|oracle\|odbc]] database support [[no]]],
853	[
854	if test x"$enable_xml_log" != xyes; then
855	AC_MSG_ERROR([--with-database: --enable-xml-log required])
856	fi
857	if test "x${withval}" = "xmysql"; then
858	AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
859	if test "$HAVE_MYSQL_CONFIG" = "yes"; then
860	# echo "mysql_config found"
861	sh_mysql_libs="`mysql_config --libs`"
862	# echo ${sh_mysql_libs}
863	sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
864	# echo $mysql_libs
865	# save_libs="$LIBS"
866	# LIBS="$LIBS `mysql_config --libs`"
867	# echo $LIBS
868	LIBS="$LIBS ${sh_mysql_libs}"
869	# echo $LIBS
870	sh_mysql_cflags="`mysql_config --cflags`"
871	sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
872	# CFLAGS="$CFLAGS `mysql_config --cflags`"
873	# CFLAGS="$CFLAGS ${sh_mysql_cflags}"
874	CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
875	else
876	AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
877	mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
878
879	for i in $mysql_directory; do
880	if test -r $i/include/mysql/mysql.h; then
881	MYSQL_DIR=$i
882	MYSQL_INC_DIR=$i/include
883	# we use AC_CHECK_HEADERS to check for mysql/mysql.h
884	fi
885	done
886	if test -z "$MYSQL_DIR"; then
887	for i in $mysql_directory; do
888	if test -r $i/include/mysql.h; then
889	MYSQL_DIR=$i
890	MYSQL_INC_DIR=$i/include
891	fi
892	done
893	fi
894
895	if test -z "$MYSQL_DIR"; then
896	tmp=""
897	for i in $mysql_directory; do
898	tmp="$tmp $i/include $i/include/mysql"
899	done
900	FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
901	fi
902
903	for i in lib lib/mysql; do
904	str="$MYSQL_DIR/$i/libmysqlclient.*"
905	for j in `echo $str`; do
906	if test -r $j; then
907	MYSQL_LIB_DIR="$MYSQL_DIR/$i"
908	break 2
909	fi
910	done
911	done
912
913	if test -z "$MYSQL_LIB_DIR"; then
914	for ff in $mysql_directory; do
915	for i in lib lib/mysql; do
916	str="$ff/$i/libmysqlclient.*"
917	for j in `echo $str`; do
918	if test -r $j; then
919	MYSQL_LIB_DIR="$ff/$i"
920	break 3
921	fi
922	done
923	done
924	done
925	fi
926
927	if test -z "$MYSQL_LIB_DIR"; then
928	tmp=""
929	for i in $mysql_directory; do
930	tmp="$i/lib $i/lib/mysql"
931	done
932	FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
933	fi
934
935	AC_MSG_RESULT(yes)
936	LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
937	# CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
938	CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
939	fi
940	AC_DEFINE(WITH_MYSQL)
941	AC_DEFINE(WITH_DATABASE)
942	AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
943	AC_MSG_CHECKING(for zlib)
944	if test "$zlib_cv_libz" = "yes"
945	then
946	LIBS="$LIBS -lz -lm"
947	AC_MSG_RESULT(ok)
948	else
949	AC_MSG_RESULT(failed)
950	echo
951	echo " Either the mysql or the zlib library was not found"
952	echo " or was unusable, maybe because an old, incompatible"
953	echo " version is installed on your system, eg compiled from"
954	echo " source long time ago. See config.log for the error"
955	echo " message from the compiler."
956	echo " Please review your installed mysql and zlib libraries"
957	echo " and/or use --with-libs=-L/path/to/libdirectory"
958	echo " where libdirectory is the directory holding libmysql"
959	echo " or libz."
960	if test x"$enable_static" = xyes; then
961	echo " Note that for compiling a static binary, you need"
962	echo " the static libraries, rather than the shared ones."
963	fi
964	echo
965	AC_MSG_ERROR([libmysql or zlib not found or unuseable])
966	fi
967	AC_CHECK_HEADERS(mysql/mysql.h)
968	elif test "x${withval}" = "xpostgresql"; then
969	AC_DEFINE(WITH_POSTGRES)
970	AC_DEFINE(WITH_DATABASE)
971	#
972	PGCONF="no"
973	MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
974	OLD_IFS="$IFS"
975	IFS=":"
976	for ff in ${MY_PATH}
977	do
978	if test -f "$ff/pg_config"
979	then
980	PGCONF="$ff/pg_config"
981	fi
982	done
983	IFS="${OLD_IFS}"
984	#
985	#
986	if test "x${PGCONF}" = "xno"
987	then
988	AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
989	pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
990	for i in $pgsql_directory; do
991	if test -r $i/include/pgsql/libpq-fe.h; then
992	PGSQL_INC_DIR=$i/include
993	PGSQL_DIR=$i
994	# use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
995	fi
996	done
997	if test -z "$PGSQL_DIR"; then
998	for i in $pgsql_directory; do
999	if test -r $i/include/libpq-fe.h; then
1000	PGSQL_INC_DIR=$i/include
1001	PGSQL_DIR=$i
1002	fi
1003	done
1004	fi
1005
1006	if test -z "$PGSQL_DIR"; then
1007	tmp=""
1008	for i in $pgsql_directory; do
1009	tmp="$tmp $i/include $i/include/pgsql"
1010	done
1011	FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1012	fi
1013
1014	for i in lib lib/pgsql; do
1015	str="$PGSQL_DIR/$i/libpq.*"
1016	for j in `echo $str`; do
1017	if test -r $j; then
1018	PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1019	break 2
1020	fi
1021	done
1022	done
1023
1024	if test -z "$PGSQL_LIB_DIR"; then
1025	for ff in $pgsql_directory; do
1026	for i in lib lib/pgsql; do
1027	str="$ff/$i/libpq.*"
1028	for j in `echo $str`; do
1029	if test -r $j; then
1030	PGSQL_LIB_DIR="$ff/$i"
1031	break 3
1032	fi
1033	done
1034	done
1035	done
1036	fi
1037
1038	if test -z "$PGSQL_LIB_DIR"; then
1039	tmp=""
1040	for i in $pgsql_directory; do
1041	tmp="$i/lib $i/lib/pgsql"
1042	done
1043	FAIL_MESSAGE("postgresql library libpq", $tmp)
1044	fi
1045
1046	AC_MSG_RESULT(yes)
1047
1048	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1049	if test x"$enable_static" = xyes; then
1050	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1051	else
1052	LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1053	fi
1054	# CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1055	CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1056	AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1057	else
1058	pg_lib_dir=`${PGCONF} --libdir`
1059	if test x"$enable_static" = xyes; then
1060	LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1061	else
1062	LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1063	fi
1064	pg_inc_dir=`${PGCONF} --includedir`
1065	# CFLAGS="$CFLAGS -I${pg_inc_dir}"
1066	CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1067	fi
1068	elif test "x${withval}" = "xodbc"; then
1069	AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1070	odbc_directory="/usr /usr/local"
1071
1072	for i in $odbc_directory; do
1073	if test -r $i/include/sql.h; then
1074	if test -r $i/include/sqlext.h; then
1075	if test -r $i/include/sqltypes.h; then
1076	ODBC_DIR=$i
1077	ODBC_INC_DIR=$i/include
1078	fi
1079	fi
1080	fi
1081	done
1082
1083	if test -z "$ODBC_DIR"; then
1084	tmp=""
1085	for i in $odbc_directory; do
1086	tmp="$tmp $i/include"
1087	done
1088	FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1089	fi
1090
1091	str="$ODBC_DIR/lib/libodbc.*"
1092	for j in `echo $str`; do
1093	if test -r $j; then
1094	ODBC_LIB_DIR="$ODBC_DIR/lib"
1095	ODBC_LIB="odbc"
1096	fi
1097	done
1098
1099	if test -z "$ODBC_LIB_DIR"; then
1100	FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1101	fi
1102
1103	AC_MSG_RESULT(yes)
1104	CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1105	LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1106	AC_DEFINE(WITH_ODBC)
1107	AC_DEFINE(WITH_DATABASE)
1108
1109	elif test "x${withval}" = "xoracle"; then
1110	AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1111	oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1112	for i in $oracle_directory; do
1113	if test -r $i/rdbms/demo/oci.h; then
1114	ORACLE_DIR=$i
1115	fi
1116	done
1117
1118	if test -z "$ORACLE_DIR"; then
1119	tmp=""
1120	for i in $oracle_directory; do
1121	tmp="$tmp $i/rdbms/demo"
1122	done
1123	FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1124	else
1125	for i in rdbms/demo rdbms/public network/public; do
1126	ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1127	done
1128	ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1129	AC_MSG_RESULT(yes)
1130
1131	CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1132
1133	ORACLE_LIBS="-lclntsh"
1134	if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1135	ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1136	elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1137	ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1138	fi
1139	LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1140	if test "x$GCC" != "xyes"; then
1141	CFLAGS="${CFLAGS} -fno-strict-aliasing"
1142	fi
1143	fi
1144	AC_DEFINE(WITH_ORACLE)
1145	AC_DEFINE(WITH_DATABASE)
1146
1147	else
1148	AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1149	fi
1150	]
1151	)
1152
1153	AC_ARG_WITH(console,
1154	[ --with-console=PATH set path to console device [[/dev/console]]],
1155	[
1156	if test "x${withval}" != xno; then
1157	mycons="$withval"
1158	AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1159	fi
1160	])
1161
1162	AC_ARG_WITH(altconsole,
1163	[ --with-altconsole=PATH set path to second console device [[none]]],
1164	[
1165	if test "x${withval}" != xno; then
1166	myaltcons="$withval"
1167	else
1168	myaltcons="NULL"
1169	fi
1170	],
1171	[myaltcons="NULL"])
1172	AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1173
1174	AC_ARG_WITH(timeserver,
1175	[ --with-timeserver=HOST set host address for time server [[none]]],
1176	[
1177	if test "x${withval}" != xno; then
1178	mytimeserv="$withval"
1179	AC_DEFINE(HAVE_NTIME)
1180	else
1181	mytimeserv="NULL"
1182	fi
1183	],
1184	mytimeserv="NULL")
1185	AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1186
1187	AC_ARG_WITH(alttimeserver,
1188	[ --with-alttimeserver=HOST set address for backup time server [[none]]],
1189	[
1190	if test "x${withval}" != xno; then
1191	myalttimeserv="$withval"
1192	AC_DEFINE(HAVE_NTIME)
1193	else
1194	myalttimeserv="NULL"
1195	fi
1196	],
1197	myalttimeserv="NULL")
1198	AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1199
1200	AC_ARG_ENABLE(login-watch,
1201	[ --enable-login-watch watch for login/logout [[no]]],
1202	[
1203	if test "x${enable_login_watch}" = xyes; then
1204	AC_DEFINE(SH_USE_UTMP)
1205	fi
1206	]
1207	)
1208
1209	AC_ARG_ENABLE(mounts-check,
1210	[ --enable-mounts-check check mount options on filesystems [[no]]],
1211	[
1212	if test "x${enable_mounts_check}" = xyes; then
1213	AC_DEFINE(SH_USE_MOUNTS)
1214	fi
1215	]
1216	)
1217
1218	AC_ARG_ENABLE(userfiles,
1219	[ --enable-userfiles check for users' config files [[no]]],
1220	[
1221	if test "x${enableval}" = "xyes"; then
1222	AC_DEFINE(SH_USE_USERFILES)
1223	fi
1224	]
1225	)
1226
1227	AC_ARG_ENABLE(debug,
1228	[ --enable-debug enable debug options [[no]]],
1229	[
1230	if test "x${enable_debug}" = "xyes"; then
1231	if test "x${mydebugflag}" != "xyes"; then
1232	AC_DEFINE(MEM_DEBUG)
1233	fi
1234	AC_DEFINE(WITH_TPT)
1235	AC_DEFINE(SL_DEBUG)
1236	AC_DEFINE(SL_FAIL_ON_ERROR)
1237	if test "x${myneedg3}" = "xyes"; then
1238	mydebugdef="-g3"
1239	else
1240	mydebugdef="-g"
1241	fi
1242	mydebugit="yes"
1243	fi
1244	]
1245	)
1246	AC_SUBST(mydebugdef)
1247
1248	AC_ARG_ENABLE(ptrace,
1249	[ --enable-ptrace use anti-debugger options [[no]]],
1250	[
1251	if test "x${enable_ptrace}" = xyes; then
1252	if test "x$mydebugit" != "xyes"; then
1253	AC_DEFINE(SCREW_IT_UP)
1254	fi
1255	fi
1256	]
1257	)
1258
1259	dnl
1260	if test "x$GCC" = "xyes"; then
1261	if test ! -z "`echo "$CFLAGS" \| grep "\-g\ " 2> /dev/null`" ; then
1262	CFLAGS=`echo $CFLAGS \| sed 's%\-g%%' `
1263	fi
1264
1265	dnl if test ! -z "`echo "$CFLAGS" \| grep "\-O2" 2> /dev/null`" ; then
1266	dnl CFLAGS=`echo $CFLAGS \| sed 's%\-O2%\-O3%' `
1267	dnl fi
1268
1269	if test -z "`echo "$CFLAGS" \| grep "\-Wall" 2> /dev/null`" ; then
1270	CFLAGS="$CFLAGS -Wall -W "
1271	fi
1272
1273	if test -z "`echo "$CFLAGS" \| grep "\-fstrength\-reduce" 2> /dev/null`"
1274	then
1275	if test -z "`echo "$CFLAGS" \| grep "\-fno\-strength\-reduce" 2> /dev/null`"
1276	then
1277	CFLAGS="$CFLAGS -fno-strength-reduce"
1278	fi
1279	fi
1280
1281	if test -z "`echo "$CFLAGS" \| grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1282	then
1283	if test -z "`echo "$CFLAGS" \| grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1284	then
1285	CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1286	fi
1287	fi
1288
1289	fi
1290
1291	AC_MSG_CHECKING([which random module to use])
1292	AC_ARG_WITH(rnd,
1293	[ --with-rnd=[[egd\|unix\|dev\|default]] random number generator [[default]]],
1294	[use_static_rnd=$withval], [use_static_rnd=default] )
1295
1296	if test "$use_static_rnd" = no; then
1297	use_static_rnd=default
1298	fi
1299
1300	case "$use_static_rnd" in
1301	egd \| dev \| unix \| default )
1302	AC_MSG_RESULT($use_static_rnd)
1303	;;
1304	* )
1305	AC_MSG_RESULT([invalid argument])
1306	AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1307	;;
1308	esac
1309
1310	AC_ARG_WITH(egd-socket,
1311	[ --with-egd-socket=NAME EGD socket name],
1312	egd_socket_name="$withval", egd_socket_name="" )
1313	AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1314
1315	dnl
1316	dnl See whether the user wants to disable checking for /dev/random
1317
1318	try_dev_random=yes
1319
1320	case "$use_static_rnd" in
1321	dev \| default )
1322	try_dev_random=yes
1323	;;
1324	egd)
1325	AC_DEFINE(HAVE_EGD_RANDOM)
1326	try_dev_random=no
1327	;;
1328	unix)
1329	AC_DEFINE(HAVE_UNIX_RANDOM)
1330	try_dev_random=no
1331	;;
1332	esac
1333
1334
1335	if test "x$try_dev_random" = "xyes"; then
1336	AC_MSG_CHECKING(whether /dev/random exists)
1337	if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1338	AC_DEFINE(HAVE_URANDOM)
1339	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1340	AC_MSG_RESULT(yes)
1341	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1342	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1343	fi
1344	else
1345	if test -r "/dev/random" && test -c "/dev/random"; then
1346	AC_DEFINE(HAVE_URANDOM)
1347	AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1348	AC_MSG_RESULT(yes)
1349	if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1350	AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1351	fi
1352	else
1353	AC_MSG_RESULT(no)
1354	AC_DEFINE(HAVE_UNIX_RANDOM)
1355	fi
1356	fi
1357	fi
1358
1359
1360	dnl
1361	dnl NETWORK OPTIONS
1362	dnl
1363
1364
1365	AC_ARG_ENABLE(network,
1366	[ --enable-network=[[client\|server]] compile client or server [[no]]],
1367	[
1368	if test "x$enable_network" = xclient; then
1369	mytclient="-DSH_WITH_CLIENT"
1370	yulectl_prg=
1371	setpwd_prg="samhain_setpwd"
1372	sh_main_prg="samhain"
1373	if test "x${sh_have_gmp}" = xyes
1374	then
1375	LIBS="-lgmp $LIBS"
1376	fi
1377	dnl AC_CHECK_HEADER(sys/capability.h,
1378	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1379	dnl [sh_use_lcaps="no"])
1380	elif test "x$enable_network" = xserver; then
1381	mytclient="-DSH_WITH_SERVER"
1382	yulectl_prg="yulectl"
1383	setpwd_prg="samhain_setpwd"
1384	sh_main_prg="yule"
1385	if test "x${sh_have_gmp}" = xyes
1386	then
1387	LIBS="-lgmp $LIBS"
1388	fi
1389	sh_use_lcaps="undef"
1390	elif test "x$enable_network" = xno; then
1391	mytclient="-DSH_STANDALONE"
1392	yulectl_prg=
1393	setpwd_prg=
1394	sh_main_prg="samhain"
1395	dnl AC_CHECK_HEADER(sys/capability.h,
1396	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1397	dnl [sh_use_lcaps="no"])
1398	else
1399	AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1400	fi
1401	],
1402	[
1403	mytclient="-DSH_STANDALONE"
1404	setpwd_prg=
1405	yulectl_prg=
1406	sh_main_prg="samhain"
1407	dnl AC_CHECK_HEADER(sys/capability.h,
1408	dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1409	dnl [sh_use_lcaps="no"])
1410	],
1411	)
1412	AC_SUBST(setpwd_prg)
1413	AC_SUBST(yulectl_prg)
1414	AC_SUBST(sh_main_prg)
1415	AC_SUBST(mytclient)
1416
1417	# needed for the rpm spec
1418	clmytclient=`echo ${mytclient} \| sed s%\-%%`
1419	AC_SUBST(clmytclient)
1420
1421	AC_ARG_ENABLE(udp,
1422	[ --enable-udp server can listen on port 514/udp [[no]]],
1423	[
1424	if test "x${enable_udp}" = xyes; then
1425	AC_DEFINE(INET_SYSLOG)
1426	fi
1427	]
1428	)
1429
1430	myencrypt=yes
1431	AC_ARG_ENABLE(encrypt,
1432	[ --disable-encrypt disable client/server encryption],
1433	[
1434	if test "x${enable_encrypt}" = xno; then
1435	myencrypt=no
1436	elif test "x${enable_encrypt}" = "x1"; then
1437	myencrypt=1
1438	fi
1439	]
1440	)
1441	if test "x${myencrypt}" = "xyes"; then
1442	AC_DEFINE(SH_ENCRYPT)
1443	AC_DEFINE(SH_ENCRYPT_2)
1444	elif test "x${myencrypt}" = "x1"; then
1445	AC_DEFINE(SH_ENCRYPT)
1446	fi
1447
1448	sh_use_srp_proto=yes
1449	AC_ARG_ENABLE(srp,
1450	[ --disable-srp disable SRP for authentication],
1451	[
1452	if test "x${enable_srp}" = xno; then
1453	sh_use_srp_proto=no
1454	fi
1455	]
1456	)
1457	if test "x${sh_use_srp_proto}" = xyes; then
1458	AC_DEFINE(USE_SRP_PROTOCOL)
1459	fi
1460
1461	AC_ARG_WITH(port,
1462	[ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1463	[
1464	echo "${withval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1465	AC_MSG_ERROR([--with-port: PORT must be numeric])
1466	myport=${withval}
1467	],
1468	[myport="49777"])
1469	AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1470	AC_SUBST(myport)
1471
1472	AC_ARG_WITH(logserver,
1473	[ --with-logserver=HOST set host address for log server [[none]]],
1474	[
1475	case "$withval" in
1476	. \| localhost)
1477	mylogsrv="$withval"
1478	;;
1479	*)
1480	mylogsrv="$withval"
1481	;;
1482	esac
1483	],
1484	[mylogsrv="NULL"])
1485	AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1486	AC_SUBST(mylogsrv)
1487
1488	AC_ARG_WITH(altlogserver,
1489	[ --with-altlogserver=HOST set address for backup log server [[none]]],
1490	[
1491	case "$withval" in
1492	. \| localhost)
1493	myaltlogsrv="$withval"
1494	;;
1495	*)
1496	myaltlogsrv="$withval"
1497	;;
1498	esac
1499	],
1500	[myaltlogsrv="NULL"])
1501	AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1502
1503
1504
1505	dnl
1506	dnl STEALTH OPTIONS
1507	dnl
1508	nocl_code=
1509	xor_code=0
1510	AC_ARG_ENABLE(nocl,
1511	[ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1512	[
1513	if test "x${enableval}" != "x"; then
1514	AC_DEFINE(SH_STEALTH_NOCL)
1515	fi
1516	if test "x${enableval}" = "xstop" \|\| test "x${enableval}" = "xstart"; then
1517	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1518	fi
1519	if test "x${enableval}" = "xreload" \|\| test "x${enableval}" = "xrestart"; then
1520	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1521	fi
1522	if test "x${enableval}" = "xstatus"; then
1523	AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1524	fi
1525	if test "x${enableval}" = "xno"; then
1526	AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1527	fi
1528	nocl_code="${enable_nocl}"
1529	]
1530	)
1531	AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1532	AC_SUBST(nocl_code)
1533	AC_ARG_ENABLE(stealth,
1534	[ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1535	[AC_DEFINE(SH_STEALTH)
1536	if test "x${enableval}" != "xyes"; then
1537	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1538	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1539	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1540	if test x"${enableval}" = x0
1541	then
1542	:
1543	else
1544	AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1545	fi
1546	fi
1547	xor_code="${enable_stealth}"
1548	else
1549	xor_code=0
1550	fi
1551	stegin_prg="samhain_stealth"
1552	],
1553	[
1554	stegin_prg=
1555	]
1556	)
1557	AC_ARG_ENABLE(micro-stealth,
1558	[ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1559	[
1560	AC_DEFINE(SH_STEALTH)
1561	AC_DEFINE(SH_STEALTH_MICRO)
1562	if test "x${enableval}" != "xyes"; then
1563	echo "${enableval}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1564	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1565	if test "${enableval}" -lt 127 \|\| test "${enableval}" -gt 255; then
1566	if test x"${enableval}" = x0
1567	then
1568	:
1569	else
1570	AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1571	fi
1572	fi
1573	xor_code="${enable_micro_stealth}"
1574	else
1575	xor_code=0
1576	fi
1577	]
1578	)
1579	install_name="samhain"
1580	INSTALL_NAME="SAMHAIN"
1581	AC_ARG_ENABLE(install-name,
1582	[ --enable-install-name=NAME name under which to install [[samhain\|yule]]],
1583	[
1584	if test "x${enableval}" != "xyes"; then
1585	install_name="${enableval}"
1586	INSTALL_NAME=`echo "${enableval}" \| tr [a-z] [A-Z]`
1587	else
1588	install_name="${sh_main_prg}"
1589	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1590	fi
1591	],
1592	[
1593	install_name="${sh_main_prg}"
1594	INSTALL_NAME=`echo "${sh_main_prg}" \| tr [a-z] [A-Z]`
1595	]
1596	)
1597
1598
1599	need_user_install=0
1600
1601	AC_ARG_ENABLE(identity,
1602	[ --enable-identity=USER user if dropping root [[daemon]]],
1603	[
1604	if test x"$enableval" = xno; then
1605	myident="daemon"
1606	else
1607	myident="$enableval"
1608	fi
1609	echo "${myident}" \| grep ['[^0123456789]'] >/dev/null 2>&1 \|\| \
1610	AC_MSG_ERROR([--enable-identity: need username, not UID])
1611	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1612	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1613	if test x"${myident_uid}" = x; then
1614	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1615	need_user_install=1
1616	fi
1617	],
1618	[
1619	for myident in ${install_name} daemon nobody; do
1620	AC_MSG_CHECKING(for user ${myident})
1621	myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null \|\
1622	grep "^${myident}:" \| awk -F: '{ print $3; }'`
1623	if test x"${myident_uid}" != x; then
1624	AC_MSG_RESULT(yes)
1625	break;
1626	else
1627	AC_MSG_RESULT(no)
1628	fi
1629	done
1630	if test x"${myident_uid}" = x; then
1631	myident=${install_name}
1632	AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1633	need_user_install=1
1634	fi
1635	])
1636	AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1637	AC_SUBST(myident)
1638	AC_SUBST(need_user_install)
1639
1640	sh_insmod_cmd=": # no kernel module"
1641	sh_lkm=""
1642	lkm_inc=""
1643	khidemap="/boot/System.map"
1644	sh_syscalltable="0x0"
1645	AC_ARG_ENABLE(khide,
1646	[ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1647	[
1648	if test "x${enable_khide}" != xno; then
1649	if test "x${enableval}" != "xyes"; then
1650	khidemap="${enableval}"
1651	fi
1652	sh_syscalltable=`egrep '(D\|d\|R\|r) sys_call_table' ${khidemap} \| awk '{print $1}'`
1653	if test x"$sh_syscalltable" = x; then
1654	AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1655	fi
1656	sh_syscalltable="0x${sh_syscalltable}"
1657	install_name_len=`echo ${install_name} \| awk '{ print(length()); }'`
1658	if test "${install_name_len}" -gt 15 ; then
1659	AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1660	fi
1661	AC_DEFINE(SH_USE_LKM)
1662	AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1663
1664	# -- NEW --
1665	kernel_version=`uname -r \| sed s,2.6.*,LINUX26,`
1666	if test x"$kernel_version" = xLINUX26
1667	then
1668	sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} \| awk '{print $1}'`
1669	if test x"$sh_modlist_lock" = x; then
1670	AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1671	fi
1672	sh_modlist_lock="0x${sh_modlist_lock}"
1673	AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1674
1675	sh_list_modules=`egrep 'd modules$' ${khidemap} \| awk '{print $1}'`
1676	if test x"$sh_list_modules" = x; then
1677	AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1678	fi
1679	sh_list_modules="0x${sh_list_modules}"
1680	AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1681
1682	AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1683	sh_insmod_cmd="modprobe ${install_name}_hide"
1684	sh_lkm="samhain_hide.ko"
1685	else
1686	sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1687	sh_lkm="samhain_hide.o samhain_erase.o"
1688	fi
1689	# -- END NEW --
1690
1691	kvers=`uname -r`
1692	if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1693	lkm_inc="-I/lib/modules/${kvers}/build/include"
1694	else
1695	AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1696	AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1697	AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1698	fi
1699	sh_is_vanilla_kernel=yes
1700	if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1701	grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 \|\| sh_is_vanilla_kernel=no
1702	fi
1703	if test x"${sh_is_vanilla_kernel}" = xno; then
1704	echo "This is not a 2.4 vanilla kernel"
1705	else
1706	AC_DEFINE(SH_VANILLA_KERNEL)
1707	fi
1708	fi
1709	]
1710	)
1711	AC_SUBST(lkm_inc)
1712	AC_SUBST(sh_lkm)
1713	AC_SUBST(sh_insmod_cmd)
1714	AC_SUBST(install_name)
1715	AC_SUBST(INSTALL_NAME)
1716	AC_SUBST(stegin_prg)
1717	AC_SUBST(xor_code)
1718
1719	AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1720	AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1721
1722
1723	exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1724	exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1725	exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1726
1727	AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1728	AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1729	AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1730
1731
1732	AC_ARG_ENABLE(suidcheck,
1733	[ --enable-suidcheck check for suid/sgid files [[no]]],
1734	[
1735	if test "x${enableval}" = "xyes"; then
1736	AC_DEFINE(SH_USE_SUIDCHK)
1737	fi
1738	]
1739	)
1740
1741
1742	systemmap="/boot/System.map"
1743	sh_libkvm=""
1744	AC_ARG_WITH(kcheck,
1745	[ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1746	[
1747	if test "x${withval}" != "xno"; then
1748	AC_DEFINE(SH_USE_KERN)
1749	kernelversion=`uname -r`
1750	AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1751	if test "x${withval}" != "xyes"; then
1752	systemmap="${withval}"
1753	fi
1754	if test "x${cross_compiling}" = xyes; then
1755	:
1756	elif test "x$selectconfig" = "xfreebsd"; then
1757	LIBS="$LIBS -lkvm"
1758	sh_libkvm="-lkvm"
1759	elif test -f "${systemmap}"; then
1760	:
1761	else
1762	AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1763	fi
1764	fi
1765	]
1766	)
1767	AC_SUBST(systemmap)
1768	AC_SUBST(sh_libkvm)
1769
1770	AC_ARG_ENABLE(base,
1771	[ --enable-base=B1,B2 base key (0...2147483647)],
1772	[
1773	AC_MSG_CHECKING(base key setting)
1774	my_key_A=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $1}'`
1775	my_key_B=`echo ${enableval} \| awk 'BEGIN{FS=","}{print $2}'`
1776	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1777	if test "x${my_key_A}" = x; then
1778	AC_MSG_ERROR([--enable-base: first base key has zero length])
1779	fi
1780	if test "x${my_key_B}" = x; then
1781	AC_MSG_ERROR([--enable-base: second base key has zero length])
1782	fi
1783	echo "${my_key_A}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1784	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1785	echo "${my_key_B}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
1786	AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1787	],
1788	[
1789	AC_MSG_CHECKING(base key setting .. collecting entropy)
1790	my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1791	my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1792	my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1793	my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1794	my_key_A=`expr $my_key_1 \* 32767`
1795	my_key_A=`echo ${my_key_A} \| sed 's%^0*%%g' 2>/dev/null`
1796	my_key_A=`expr $my_key_A \+ $my_key_2`
1797	my_key_B=`expr $my_key_3 \* 32767`
1798	my_key_B=`echo ${my_key_B} \| sed 's%^0*%%g' 2>/dev/null`
1799	my_key_B=`expr $my_key_B \+ $my_key_4`
1800	AC_MSG_RESULT(${my_key_A} ${my_key_B})
1801	]
1802	)
1803	AC_SUBST(my_key_A)
1804	AC_SUBST(my_key_B)
1805
1806	dnl low bytes
1807	my_key_1=`expr $my_key_A \% 65536`
1808	dnl high bytes
1809	my_key_2=`expr $my_key_A \/ 65536`
1810	dnl low bytes
1811	my_key_3=`expr $my_key_B \% 65536`
1812	dnl high bytes
1813	my_key_4=`expr $my_key_B \/ 65536`
1814
1815	dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1816
1817	dnl touch ./sh_MK.h
1818	dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1819	dnl echo "#define SH_MK_H" >> ./sh_MK.h
1820	dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1821	dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1822	dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1823	dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1824	dnl echo "#endif" >> ./sh_MK.h
1825	AC_SUBST(my_key_1)
1826	AC_SUBST(my_key_2)
1827	AC_SUBST(my_key_3)
1828	AC_SUBST(my_key_4)
1829
1830	AC_MSG_CHECKING(key position)
1831	pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1832	pos_tf_2=`expr $pos_tf_1 \% 8`
1833	pos_tf=`expr $pos_tf_2 + 1`
1834	AC_MSG_RESULT(${pos_tf})
1835	AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1836
1837	mykeybase=`echo ${my_key_A},${my_key_B}`
1838	AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1839	AC_SUBST(mykeybase)
1840
1841
1842	dnl
1843	dnl GPG/PGP options
1844	dnl
1845
1846	AC_ARG_WITH(gpg,
1847	[ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1848	[
1849	if test "x${withval}" != "xno"; then
1850	if test "x${cross_compiling}" = xyes; then
1851	mygpg="${withval}"
1852	else
1853	if test -f "${withval}"; then
1854	mygpg="${withval}"
1855	mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1856	if test "x$?" != "x0"; then
1857	mychktest=no
1858	for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1859	if test x"${mychktest}" = xyes
1860	then
1861	:
1862	else
1863	if test -f ${sampre}
1864	then
1865	echo "use existing ${sampre} for gpg checksum"
1866	mychk0=`${sampre} -H ${withval} 2>/dev/null`
1867	if test "x$?" != "x0"; then
1868	:
1869	else
1870	mychk="${mychk0}"
1871	mychktest=yes
1872	fi
1873	fi
1874	fi
1875	done
1876	if test x${mychktest} = xno; then
1877	AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1878	echo "-------------------------------------------------------------"
1879	echo " Your gpg binary does not support the TIGER192 checksum, "
1880	echo " and I cannot find an existing samhain binary to use instead."
1881	echo " You can:"
1882	echo " (a) run make to compile a samhain binary, then repeat"
1883	echo " ./configure and make"
1884	echo " (b) ignore the failure. The checksum of the gpg binary"
1885	echo " will not get compiled in, thus allowing an attacker"
1886	echo " to replace gpg with a trojan and subverting the gpg"
1887	echo " signature verification of configure and database files."
1888	echo "-------------------------------------------------------------"
1889	fi
1890	else
1891	mychk="${mychk0}"
1892	fi
1893	else
1894	AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1895	fi
1896	fi
1897	AC_DEFINE(WITH_GPG)
1898	AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1899	AC_SUBST(mygpg)
1900	fi
1901	]
1902	)
1903
1904	dnl AC_ARG_WITH(pgp,
1905	dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1906	dnl [myppg="$withval"
1907	dnl AC_DEFINE(WITH_PGP)
1908	dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1909	dnl ])
1910
1911	AC_ARG_WITH(checksum,
1912	[ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1913	[
1914	if test "x${withval}" != "xno"; then
1915	if test "x${withval}" != "xyes"; then
1916	if test "x${mychk}" != "x"; then
1917	if test "x${mychk}" != "x${withval}"; then
1918	AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1919	AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1920	AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1921	fi
1922	fi
1923	mychk="${withval}"
1924	else
1925	if test "x${mychk}" = "x"; then
1926	AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1927	fi
1928	fi
1929	AC_DEFINE(HAVE_GPG_CHECKSUM)
1930	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1931	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1932	fi
1933	],
1934	[
1935	if test "x${mygpg}" != "x"; then
1936	if test "x${mychk}" != "x"; then
1937	AC_DEFINE(HAVE_GPG_CHECKSUM)
1938	AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1939	echo "${mychk}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1940	fi
1941	fi
1942	]
1943	)
1944
1945	AC_ARG_WITH(fp,
1946	[ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1947	[
1948	if test "x${withval}" != "xno"; then
1949	if test "x${withval}" != "xyes"; then
1950	withval0=`echo ${withval} \| sed 's% %%g'`
1951	echo "${withval0}" \| \
1952	grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1953	AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1954	sh_len=`echo ${withval0} \| wc -c \| sed 's% %%g'`
1955	sh_len0=`expr ${sh_len} \- 1`
1956	if test "x${sh_len0}" = "x40" \|\| test "x${sh_len0}" = "x32"
1957	then
1958	myfp="${withval0}"
1959	AC_DEFINE(USE_FINGERPRINT)
1960	AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1961	echo "${myfp}" \| sed 's,.*:,,g' \| sed 's, ,,g' \| sed 's,\(.\),\1:,g' \| awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1962	else
1963	AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1964	fi
1965	else
1966	AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1967	fi
1968	fi
1969	])
1970
1971
1972	dnl
1973	dnl MAIL OPTIONS
1974	dnl
1975
1976	AC_ARG_WITH(recipient,
1977	[ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1978	[
1979	withval0=`echo ${withval} \| sed 's%,% %g'`
1980	for sh_item in ${withval0}
1981	do
1982	case ${sh_item} in
1983	*@localhost)
1984	;;
1985	@.*)
1986	sh_tmp=`echo ${sh_item} \| awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+\|[0-9]+)$/]) {print 1; } else { print 0}}'`
1987	if test "x${sh_tmp}" != "x1"
1988	then
1989	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1990	fi
1991	;;
1992	*)
1993	AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1994	;;
1995	esac
1996	done
1997	myrcp="$withval0"
1998	],
1999	[myrcp="NULL"])
2000	AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2001
2002
2003	AC_ARG_WITH(sender,
2004	[ --with-sender=SENDER set sender for e-mail [[daemon]]],
2005	[
2006	mysender="${withval}"
2007	],
2008	[
2009	mysender="daemon"
2010	])
2011	AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2012
2013
2014	dnl
2015	dnl PATHS
2016	dnl
2017
2018	AC_ARG_WITH(trusted,
2019	[ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2020	[
2021	sh_tmp_test=no
2022	sh_tmp=`echo ${withval} \| sed 's%,% %g'`
2023	for sh_tmp1 in ${sh_tmp}
2024	do
2025	echo "${sh_tmp1}" \| grep ['[^0123456789]'] >/dev/null 2>&1 &&
2026	AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2027	if test "x${sh_tmp1}" = "x0"
2028	then
2029	sh_tmp_test=yes
2030	fi
2031	done
2032	if test "x${sh_tmp_test}" = "xno"
2033	then
2034	withval="0,${withval}"
2035	fi
2036	mytrust="${withval}"
2037	],
2038	[mytrust="0"] )
2039	AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2040	AC_SUBST(mytrust)
2041
2042	AC_ARG_WITH(tmp-dir,
2043	[ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2044	[
2045	if test "x${cross_compiling}" = xyes; then
2046	:
2047	else
2048	if test -d "${withval}"; then
2049	my_tmp_dir="$withval"
2050	AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2051	else
2052	AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2053	fi
2054	fi
2055	]
2056	)
2057
2058	dnl
2059	dnl PATH DEFAULTS
2060	dnl
2061
2062	if test "x${ac_prefix_set}" = xyes
2063	then
2064	if test "x${exec_prefix}" = xNONE
2065	then
2066	exec_prefix="${prefix}"
2067	fi
2068
2069	if test "x${prefix}" = xOPT
2070	then
2071	tmp_sbindir="/opt/${install_name}/bin"
2072	tmp_sysconfdir="/etc/opt"
2073	tmp_mandir="/opt/${install_name}/man"
2074	tmp_localstatedir="/var/opt/${install_name}"
2075	elif test "x${prefix}" = xUSR
2076	then
2077	tmp_sbindir="/usr/sbin"
2078	tmp_sysconfdir="/etc"
2079	tmp_mandir="/usr/share/man"
2080	tmp_localstatedir="/var"
2081	else
2082	tmp_sbindir=`eval echo ${sbindir}`
2083	tmp_sysconfdir=`eval echo ${sysconfdir}`
2084	tmp_mandir=`eval echo ${mandir}`
2085	tmp_localstatedir=`eval echo ${localstatedir}`
2086	fi
2087	else
2088	prefix=""
2089	if test "x${ac_exec_prefix_set}" = xyes
2090	then
2091	tmp_sbindir=`eval echo ${sbindir}`
2092	else
2093	tmp_sbindir="/usr/local/sbin"
2094	fi
2095	tmp_sysconfdir="/etc"
2096	# share/man -> man (FHS) 11.10.2002
2097	tmp_mandir="/usr/local/man"
2098	tmp_localstatedir="/var"
2099	fi
2100
2101
2102	if test "x${ac_sbindir_set}" = xyes
2103	then
2104	:
2105	else
2106	sbindir=`eval echo ${tmp_sbindir}`
2107	fi
2108
2109
2110	if test "x${ac_sysconfdir_set}" = xyes
2111	then
2112	:
2113	else
2114	sysconfdir=`eval echo ${tmp_sysconfdir}`
2115	fi
2116
2117	if test "x${ac_mandir_set}" = xyes
2118	then
2119	:
2120	else
2121	mandir=`eval echo ${tmp_mandir}`
2122	fi
2123
2124	if test "x${ac_localstatedir_set}" = xyes
2125	then
2126	:
2127	else
2128	localstatedir=`eval echo ${tmp_localstatedir}`
2129	fi
2130
2131
2132
2133	AC_ARG_WITH(config-file,
2134	[ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2135	[
2136	myconffile="${withval}"
2137	changequote(<<, >>)dnl
2138	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2139	sysconfdir=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2140	myrpmconffile="${tmp}"
2141	changequote([, ])dnl
2142	],
2143	[
2144	myconffile="${sysconfdir}/${install_name}rc"
2145	myrpmconffile="${myconffile}"
2146	]
2147	)
2148	AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2149	AC_SUBST(myconffile)
2150	AC_SUBST(myrpmconffile)
2151
2152	AC_ARG_WITH(log-file,
2153	[ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2154	[
2155	mylogfile="$withval"
2156	changequote(<<, >>)dnl
2157	mylogdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2158	changequote([, ])dnl
2159	],
2160	[
2161	if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2162	mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2163	mylogdir="${localstatedir}/log/${install_name}"
2164	else
2165	mylogfile="${localstatedir}/log/${install_name}_log"
2166	mylogdir="${localstatedir}/log"
2167	fi
2168	]
2169	)
2170	AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2171	AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2172	AC_SUBST(mylogfile)
2173	AC_SUBST(mylogdir)
2174
2175	AC_ARG_WITH(pid-file,
2176	[ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2177	[
2178	mylockfile="$withval"
2179	changequote(<<, >>)dnl
2180	mylockdir=`echo ${withval} \| sed 's%/[^/][^/]*$%%'`
2181	changequote([, ])dnl
2182	],
2183	[
2184	mylockfile="${localstatedir}/run/${install_name}.pid"
2185	mylockdir="${localstatedir}/run"
2186	]
2187	)
2188	AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2189	AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2190	AC_SUBST(mylockfile)
2191	AC_SUBST(mylockdir)
2192
2193	AC_ARG_WITH(state-dir,
2194	[ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2195	[
2196	mydataroot="$withval"
2197	],
2198	[
2199	mydataroot="${localstatedir}/lib/${install_name}"
2200	]
2201	)
2202	AC_ARG_WITH(data-file,
2203	[ --with-data-file=FILE set path of data file],
2204	[
2205	mydatafile="$withval"
2206	changequote(<<, >>)dnl
2207	tmp=`echo ${withval} \| sed 's%^REQ_FROM_SERVER%%'`
2208	mydataroot=`echo ${tmp} \| sed 's%/[^/][^/]*$%%'`
2209	myrpmdatafile="${tmp}"
2210	changequote([, ])dnl
2211	if test x"${tmp}" = x
2212	then
2213	echo "No local path in data file ${withval}"
2214	echo "This will not work for initializing the database."
2215	if test x"${withval}" = xREQ_FROM_SERVER
2216	then
2217	echo "It should be REQ_FROM_SERVER/some/local/path"
2218	fi
2219	AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2220	fi
2221	],
2222	[
2223	mydatafile="${mydataroot}/${install_name}_file"
2224	myrpmdatafile="${mydatafile}"
2225	])
2226	AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2227	AC_SUBST(mydatafile)
2228	AC_SUBST(myrpmdatafile)
2229
2230	AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2231	AC_SUBST(mydataroot)
2232
2233	AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2234	AC_SUBST(myqdir)
2235
2236
2237	AC_ARG_WITH(html-file,
2238	[ --with-html-file=FILE set path of html file,],
2239	[
2240	myhtmlfile="$withval"
2241	],
2242	[
2243	myhtmlfile="${mylogdir}/${install_name}.html"
2244	])
2245	AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2246	AC_SUBST(myhtmlfile)
2247
2248
2249	mydefargs=$ac_configure_args
2250	# if test -z "`echo "$mydefargs" \| grep "\-\-enable\-static" 2> /dev/null`"
2251	# then
2252	# mydefargs="--enable-static $mydefargs"
2253	# fi
2254	if test -z "`echo "$mydefargs" \| grep "\-\-enable\-base" 2> /dev/null`"
2255	then
2256	mydefargs="--enable-base=${mykeybase} $mydefargs"
2257	fi
2258	AC_SUBST(mydefargs)
2259
2260
2261	AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2262	AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2263	AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2264
2265	AC_CONFIG_HEADER(config.h)
2266
2267	AC_OUTPUT(
2268	[
2269	Makefile
2270	samhain-install.sh
2271	init/samhain.startLSB
2272	init/samhain.startLinux
2273	init/samhain.startGentoo
2274	init/samhain.startFreeBSD
2275	init/samhain.startSolaris
2276	init/samhain.startHPUX
2277	init/samhain.startIRIX
2278	samhain.spec
2279	rules.deb
2280	rules.deb-light
2281	hp_ux.psf
2282	scripts/samhain.spec
2283	scripts/redhat_i386.client.spec
2284	scripts/samhain.ebuild
2285	scripts/samhain.ebuild-light
2286	scripts/samhainadmin.pl
2287	scripts/check_samhain.pl
2288	deploy.sh
2289	],
2290	[
2291	echo timestamp > stamp-h
2292	chmod +x samhain-install.sh
2293	chmod +x scripts/samhainadmin.pl
2294	chmod +x scripts/check_samhain.pl
2295	]
2296	)
2297
2298	chmod +x deploy.sh
2299
2300	if test "x${cross_compiling}" = xyes
2301	then
2302
2303	echo "--------------------------------------------------------------"
2304	echo
2305	echo "You are using a cross-compiler. The following system dependent"
2306	echo "values may have been set to default values that may be"
2307	echo "incorrect for your target system: "
2308	echo
2309	echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2310	echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2311	echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2312	echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2313	echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2314	echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2315	echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2316	echo
2317	echo "If these values are incorrect, change them in the file "
2318	echo "config.cache and run configure again."
2319	echo
2320	echo "--------------------------------------------------------------"
2321
2322	fi
2323
2324	if test x${silent} != xyes
2325	then
2326
2327	# A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2328	# B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2329	# C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2330	# D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2331	# E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2332	# F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2333
2334	echo
2335	echo " samhain has been configured as follows:"
2336	echo " System binaries: ${sbindir}"
2337	echo " Configuration file: ${myconffile}"
2338	echo " Manual pages: ${mandir}"
2339	echo " Data: ${mydataroot}"
2340	echo " PID file: ${mylockfile}"
2341	echo " Log file: ${mylogfile}"
2342	echo " Base key: ${mykeybase}"
2343	echo
2344	if test x"$mytclient" = x"-DSH_WITH_SERVER"
2345	then
2346	echo " Selected rc file: yulerc"
2347	else
2348	echo " Selected rc file: samhainrc.${selectconfig}"
2349	fi
2350
2351	fi
2352

Note: See TracBrowser for help on using the repository browser.

Download in other formats: