source: trunk/configure.ac@ 466

Last change on this file since 466 was 463, checked in by katerina, 10 years ago

Fix for ticket #363 (database load on init when missing file in config).

File size: 79.7 KB
Line 
1dnl We want to override the standard _AC_INIT_PARSE_ARGS
2dnl
3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
5
6AC_INIT(src/samhain.c)
7
8
9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
10
11dnl
12dnl start
13dnl
14AM_INIT_AUTOMAKE(samhain, 3.1.4)
15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
32SH_PROG_LD
33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
35AC_SUBST(BUILD_CC)
36
37if test "x$GCC" = "xyes"; then
38 SH_GCC_VERSION
39fi
40
41AC_HEADER_STDC
42dnl
43dnl first one is a dummy because of an autoconf bug
44dnl (no HAVE_... for first one)
45dnl
46AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
47
48
49AC_MSG_CHECKING([for OS specific issues])
50mydebugflag=no
51myneedg3=no
52uid_cast="signed long"
53selectconfig=linux
54mynetbsd=no
55sh_use_lcaps="undef"
56dnmalloc_ok=yes
57sh_use_pie=yes
58enable_asm_ok=yes
59
60case "$host_os" in
61
62 *linux*)
63 sh_use_lcaps="yes"
64 AC_DEFINE(HOST_IS_LINUX)
65 AC_DEFINE(HAVE_EXT2_IOCTLS)
66 AC_MSG_RESULT([use ioctl to get e2fs flags])
67 case "$host_cpu" in
68 i*86*)
69 AC_DEFINE(HOST_IS_I86LINUX)
70 ;;
71 x86_64)
72 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
73 ;;
74 *)
75 ;;
76 esac
77 ;;
78
79 *osf*)
80 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
81 if test "x$GCC" != "xyes"; then
82 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
83 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
84 myneedg3=yes
85 AC_MSG_RESULT([compiler needs assume noaligned_objects])
86 else
87 AC_MSG_RESULT([none])
88 fi
89 ;;
90
91 *cygwin*)
92 AC_DEFINE(HOST_IS_CYGWIN)
93 AC_DEFINE([USE_REGISTRY_CHECK], 1, [Define for registry check])
94 dnmalloc_ok=no
95 enable_asm_ok=no
96 AC_MSG_RESULT([no trusted paths, no dnmalloc. no asm optimize])
97 ;;
98
99 *darwin*|*apple*)
100 AC_DEFINE(HOST_IS_DARWIN)
101 dnmalloc_ok=no
102 AC_MSG_RESULT([check resource forks, no dnmalloc])
103 ;;
104
105 *freebsd8*|*freebsd9*)
106 AC_DEFINE(HOST_IS_FREEBSD)
107 selectconfig=freebsd
108 case "$host_cpu" in
109 amd64|x86_64)
110 dnmalloc_ok=no
111 AC_MSG_RESULT([no dnmalloc])
112 ;;
113 *)
114 AC_MSG_RESULT([none])
115 ;;
116 esac
117 ;;
118
119 *freebsd7*)
120 AC_DEFINE(HOST_IS_FREEBSD)
121 selectconfig=freebsd
122 case "$host_cpu" in
123 amd64|x86_64)
124 sh_use_pie=no
125 dnmalloc_ok=no
126 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
127 ;;
128 *)
129 AC_MSG_RESULT([none])
130 ;;
131 esac
132 ;;
133
134 *freebsd*)
135 AC_DEFINE(HOST_IS_FREEBSD)
136 selectconfig=freebsd
137 AC_MSG_RESULT([none])
138 ;;
139
140 *openbsd*)
141 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
142 selectconfig=freebsd
143 dnmalloc_ok=no
144 AC_MSG_RESULT([dnmalloc does not work with pthreads])
145 ;;
146
147 *netbsd*)
148 mynetbsd=yes
149 selectconfig=netbsd
150 AC_MSG_RESULT([bug with libresolve])
151 ;;
152
153 *solaris*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 case "$host_cpu" in
157 i*86)
158 AC_DEFINE(HOST_IS_I86SOLARIS)
159 AC_MSG_RESULT([vsnprintf prototype])
160 ;;
161 *)
162 AC_MSG_RESULT([none])
163 ;;
164 esac
165 if test "x$GCC" != "xyes"; then
166 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
167 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
168 fi
169 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
170 CFLAGS="$CFLAGS -xO2"
171 fi
172 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
173 CFLAGS="$CFLAGS -Xa"
174 fi
175 LIBS="-lc $LIBS"
176 fi
177 ;;
178
179
180 *sun*)
181 selectconfig=solaris
182 AC_DEFINE(HOST_IS_SOLARIS)
183 AC_MSG_RESULT([none])
184 ;;
185
186 *aix*)
187 AC_DEFINE(HOST_IS_AIX)
188 selectconfig=aix5.2.0
189 uid_cast="unsigned long"
190 if test "x$GCC" != "xyes"; then
191 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
192 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
193 fi
194 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
195 CFLAGS="$CFLAGS -O3"
196 fi
197 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
198 CFLAGS="$CFLAGS -qstrict"
199 fi
200 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
201 else
202 AC_MSG_RESULT([AIX size_t in the accept call])
203 fi
204 ;;
205
206 *hpux*)
207 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
208 AC_DEFINE(HOST_IS_HPUX)
209 if test "x$GCC" != "xyes"; then
210 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
211 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
212 fi
213 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
214 CFLAGS="$CFLAGS +O2"
215 fi
216 fi
217 ;;
218
219 *ultrix*)
220 AC_MSG_RESULT([ULTRIX getcwd uses popen])
221 AC_DEFINE(HAVE_BROKEN_GETCWD)
222 ;;
223
224 *)
225 AC_MSG_RESULT([none])
226 ;;
227esac
228
229AC_SUBST(selectconfig)
230AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
231
232
233
234dnl *****************************************
235dnl
236dnl checks for header files
237dnl
238dnl *****************************************
239
240AC_HEADER_DIRENT
241AC_HEADER_MAJOR
242AC_HEADER_TIME
243dnl used in minilzo.c
244AC_HEADER_STAT
245AC_DECL_SYS_SIGLIST
246
247AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
248 sys/mman.h sys/param.h sys/inotify.h \
249 sys/vfs.h mntent.h \
250 sys/select.h sys/socket.h netinet/in.h \
251 regex.h glob.h fnmatch.h \
252 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
253 elf.h linux/elf.h auparse.h \
254 paths.h arpa/nameser.h arpa/nameser_compat.h \
255 rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
256 [],
257 [],
258 [#include <sys/types.h>]
259)
260
261
262AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
263if test "x$sh_utmpx" = "xyes"; then
264 AC_DEFINE(HAVE_UTMPX_H)
265 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
266 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
267 AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) )
268 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
269 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
270else
271 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
272 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
273 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
274fi
275
276dnl
277dnl figure out where acct.h lives
278dnl and whether fields are int/comp_t
279dnl
280dnl GNU Accounting Utilities
281dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
282dnl The GNU Accounting Utilities are free software; you can redistribute
283dnl them and/or modify them under the terms of the GNU General Public
284dnl License as published by the Free Software Foundation; either version
285dnl 2, or (at your option) any later version.
286dnl
287AC_CHECK_HEADER(sys/acct.h,
288 AC_DEFINE(HAVE_SYS_ACCT_H, ,
289 [Define if you have the <sys/acct.h> header file.])
290 AC_HEADER_EGREP(ac_utime, sys/acct.h,
291 AC_DEFINE(HAVE_ACUTIME, ,
292 [Define if <sys/acct.h> has the AC_UTIME field.])
293 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
294 AC_DEFINE(ACUTIME_COMPT, ,
295 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
296 )
297 AC_HEADER_EGREP(ac_stime, sys/acct.h,
298 AC_DEFINE(HAVE_ACSTIME, ,
299 [Define if <sys/acct.h> has the AC_STIME field.])
300 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
301 AC_DEFINE(ACSTIME_COMPT, ,
302 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
303 )
304 AC_HEADER_EGREP(ac_etime, sys/acct.h,
305 AC_DEFINE(HAVE_ACETIME, ,
306 [Define if <sys/acct.h> has the AC_ETIME field.])
307 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
308 AC_DEFINE(ACETIME_COMPT, ,
309 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
310 )
311 AC_HEADER_EGREP(ac_io, sys/acct.h,
312 AC_DEFINE(HAVE_ACIO, ,
313 [Define if <sys/acct.h> has the AC_IO field.])
314 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
315 AC_DEFINE(ACIO_COMPT, ,
316 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
317 )
318 AC_HEADER_EGREP(ac_mem, sys/acct.h,
319 AC_DEFINE(HAVE_ACMEM, ,
320 [Define if <sys/acct.h> has the AC_MEM field.])
321 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
322 AC_DEFINE(ACMEM_COMPT, ,
323 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
324 )
325 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
326 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
327 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
328 AC_DEFINE(HAVE_PAGING, ,
329 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
330 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
331 AC_DEFINE(ACMINFLT_COMPT, ,
332 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
333 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
334 AC_DEFINE(ACMAJFLT_COMPT, ,
335 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
336 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
337 AC_DEFINE(ACSWAPS_COMPT, ,
338 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
339 )
340 )
341 )
342 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
343 [Define if <sys/acct.h> uses the COMP_T type.]))
344 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
345 [Define if <sys/acct.h> has struct acct_v3.]))
346 AC_HEADER_EGREP([struct acctv2], sys/acct.h, AC_DEFINE(HAVE_ACCTV2, ,
347 [Define if <sys/acct.h> has struct acctv2.]))
348
349 )
350
351
352dnl need to check because AIX 4.2 does not have it
353dnl
354AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
355#ifdef HAVE_SYS_TYPES_H
356#include <sys/types.h>
357#endif
358#ifdef HAVE_SYS_STAT_H
359#include <sys/stat.h>
360#endif
361#ifdef HAVE_SYS_VFS_H
362#include <sys/vfs.h>
363#endif
364#ifdef HAVE_UNISTD_H
365#include <unistd.h>
366#endif
367])
368
369AC_SYS_LARGEFILE
370
371dnl
372dnl check whether _POSIX_SOURCE is required
373dnl
374SAMHAIN_POSIX
375
376
377dnl *****************************************
378dnl
379dnl Checks for library functions.
380dnl
381dnl *****************************************
382AC_FUNC_STRFTIME
383AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
384 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
385 seteuid setreuid setresuid lstat getwd getcwd ptrace \
386 usleep setpriority getpeereid nanosleep \
387 strptime basename sched_yield hasmntopt \
388 inet_aton gethostbyname setutent setrlimit gethostname uname \
389 getaddrinfo getnameinfo \
390 initgroups getpagesize \
391 ttyname fchmod writev mmap tzset \
392 getsid getpriority getpgid statvfs \
393 strerror_r getgrgid_r getpwnam_r getpwuid_r \
394 gmtime_r localtime_r rand_r readdir_r strtok_r \
395 mincore posix_fadvise inotify_init1
396)
397AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
398SL_CHECK_VA_COPY
399AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
400AC_CHECK_MLOCK
401SH_STRFTIME_Z
402
403AC_MSG_CHECKING(how to get filesystem type)
404fstype=no
405# The order of these tests is important.
406AC_TRY_CPP([#include <sys/statvfs.h>
407#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
408if test $fstype = no; then
409AC_TRY_CPP([#include <sys/statfs.h>
410#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
411fi
412if test $fstype = no; then
413AC_TRY_CPP([#include <sys/statfs.h>
414#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
415fi
416if test $fstype = no; then
417AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
418fi
419if test $fstype = no; then
420AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
421fi
422if test $fstype = no; then
423AC_TRY_CPP([#include <sys/mount.h>
424#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
425fi
426AC_MSG_RESULT($fstype)
427
428sh_libsocket=
429
430dnl Solaris needs -lsocket and -lnsl. Unisys system includes
431dnl gethostbyname in libsocket but needs libnsl for socket.
432AC_CHECK_LIB(nsl, gethostbyname)
433AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
434if test x$ac_need_libsocket = x1; then
435 LIBS="$LIBS -lsocket"
436 sh_libsocket="-lsocket"
437fi
438if test x$ac_try_nsl = x1; then
439 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
440 if test x$ac_need_libnsl = x1
441 then
442 LIBS="$LIBS -lnsl"
443 fi
444fi
445AC_SUBST(sh_libsocket)
446
447AC_CHECK_LIB(socket, res_search, [
448 AC_CHECK_LIB(resolv, dn_skipname)
449 AC_CHECK_LIB(resolv, __dn_skipname)
450 if test x$ac_need_libsocket = x1; then
451 :
452 else
453 LIBS="$LIBS -lsocket"
454 fi
455 ], [
456 AC_CHECK_LIB(resolv, res_search, [
457 LIBS="$LIBS -lresolv"
458 ], [
459 AC_CHECK_LIB(resolv, dn_skipname)
460 AC_CHECK_LIB(resolv, __dn_skipname)
461 ])
462 ])
463
464sh_auparse=no
465
466if test "x$ac_cv_header_auparse_h" = "xyes"
467then
468 AC_CHECK_LIB(auparse, auparse_find_field, [
469 LIBS="$LIBS -lauparse"
470 sh_auparse=yes
471 AC_DEFINE(HAVE_AUPARSE_LIB, 1, [Define if you have the auparse lib])
472 ])
473fi
474
475dnl arguments for accept
476
477dnl check for Unix98 socklen_t (found on
478dnl xemacs-patches mailing list, written
479dnl by Martin Buchholz)
480dnl
481dnl On Darwin(MacOSX) socklen_t needs to be
482dnl an int (see accept man page), on all other
483dnl unix systems we need a size_t.
484
485AC_MSG_CHECKING(for socklen_t)
486AC_TRY_COMPILE([
487#ifdef HAVE_SYS_TYPES_H
488#include <sys/types.h>
489#endif
490#ifdef HAVE_SYS_SOCKET_H
491#include <sys/socket.h>
492#endif
493 socklen_t x;
494], [],[
495 AC_MSG_RESULT(yes)
496 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
497 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
498],[
499 AC_TRY_COMPILE([
500#ifdef HAVE_SYS_TYPES_H
501#include <sys/types.h>
502#endif
503#ifdef HAVE_SYS_SOCKET_H
504#include <sys/socket.h>
505#endif
506 int accept (int, struct sockaddr *, size_t *);
507 ],[],[
508 AC_MSG_RESULT(size_t)
509 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
510 ], [
511 AC_MSG_RESULT(int)
512 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
513 ]
514 )
515])
516
517dnl *****************************************
518dnl checks for extended attribute or ACL
519dnl support
520dnl *****************************************
521
522sh_CHECK_XATTR
523sh_CHECK_POSIX_ACL
524
525dnl *****************************************
526dnl checks for typedefs
527dnl *****************************************
528
529AC_C_LONG_DOUBLE
530SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
531SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
532SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
533if test "$sh_HAVE_LONG_LONG" = "yes"; then
534 AC_CHECK_SIZEOF(unsigned long long, 4)
535 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
536 if test "$sh_sizeof_unsigned_long_long" = "8"; then
537 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
538 fi
539fi
540
541AC_CHECK_TYPE(ptrdiff_t, long)
542AC_TYPE_SIZE_T
543AC_CHECK_SIZEOF(char *, 4)
544AC_CHECK_SIZEOF(size_t, 4)
545
546AC_CHECK_SIZEOF(unsigned long, 4)
547AC_CHECK_SIZEOF(unsigned int, 4)
548AC_CHECK_SIZEOF(unsigned short, 2)
549
550
551sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
552if test "$sh_sizeof_unsigned_long" = "4"; then
553 AC_DEFINE(HAVE_LONG_32)
554fi
555if test "$sh_sizeof_unsigned_long" = "8"; then
556 AC_DEFINE(HAVE_LONG_64)
557fi
558sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
559if test "$sh_sizeof_unsigned_int" = "4"; then
560 AC_DEFINE(HAVE_INT_32)
561fi
562sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
563if test "$sh_sizeof_unsigned_short" = "4"; then
564 AC_DEFINE(HAVE_SHORT_32)
565fi
566
567dnl
568dnl check for 64 bit programming environment
569dnl
570SAMHAIN_64
571
572
573dnl *****************************************
574dnl checks for structures
575dnl *****************************************
576
577AC_STRUCT_TM
578
579dnl
580dnl from e2fsprogs
581dnl
582AC_MSG_CHECKING(whether struct stat has a st_flags field)
583AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
584 AC_TRY_COMPILE([#include <sys/stat.h>],
585 [struct stat stat; stat.st_flags = 0;],
586 [e2fsprogs_cv_struct_st_flags=yes],
587 [e2fsprogs_cv_struct_st_flags=no]))
588AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
589if test "$e2fsprogs_cv_struct_st_flags" = yes; then
590 AC_MSG_CHECKING(whether st_flags field is useful)
591 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
592 AC_TRY_COMPILE([#include <sys/stat.h>],
593 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
594 [e2fsprogs_cv_struct_st_flags_immut=yes],
595 [e2fsprogs_cv_struct_st_flags_immut=no]))
596 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
597 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
598 AC_DEFINE(HAVE_STAT_FLAGS)
599 fi
600fi
601
602dnl
603dnl from dbus
604dnl
605AC_MSG_CHECKING(for struct cmsgcred)
606AC_TRY_COMPILE([
607#include <sys/types.h>
608#include <sys/socket.h>
609],[
610struct cmsgcred cred;
611
612cred.cmcred_pid = 0;
613],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
614AC_MSG_RESULT($sh_have_struct_cmsgcred)
615
616if test x$sh_have_struct_cmsgcred = xyes; then
617 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
618fi
619
620AC_MSG_CHECKING(for struct fcred)
621AC_TRY_COMPILE([
622#include <sys/param.h>
623#include <sys/socket.h>
624#include <sys/ucred.h>
625],[
626struct fcred sockcred;
627],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
628AC_MSG_RESULT($sh_have_struct_fcred)
629
630if test x$sh_have_struct_fcred = xyes; then
631 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
632fi
633
634AC_MSG_CHECKING(for struct sockcred)
635AC_TRY_COMPILE([
636#include <sys/param.h>
637#include <sys/socket.h>
638#include <sys/ucred.h>
639],[
640struct sockcred sockcred;
641],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
642AC_MSG_RESULT($sh_have_struct_sockcred)
643
644if test x$sh_have_struct_sockcred = xyes; then
645 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
646fi
647
648AC_MSG_CHECKING(for SO_PEERCRED)
649AC_TRY_COMPILE([
650#include <sys/types.h>
651#include <sys/socket.h>
652],[
653int test = SO_PEERCRED;
654],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
655AC_MSG_RESULT($sh_have_SO_PEERCRED)
656
657if test x$sh_have_SO_PEERCRED = xyes; then
658 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
659fi
660
661
662dnl *****************************************
663dnl checks for compiler characteristics
664dnl *****************************************
665AC_C_INLINE
666AC_C_CONST
667AC_C_BIGENDIAN
668AC_C_RESTRICT
669
670AM_SA_SIGACTION_WORKS
671
672AC_ARG_ENABLE(ssp,
673 [ --disable-ssp disable the GCC stack protector],
674 [],
675 [enable_ssp=yes;]
676)
677
678if test "x$GCC" = "xyes"; then
679
680 if test x"${enable_ssp}" = xno; then
681 :
682 else
683 GCC_STACK_PROTECT_LIB
684 GCC_STACK_PROTECT_CC
685dnl GCC_STACK_CHECK_CC
686 GCC_PIE_CC
687 fi
688
689fi
690
691dnl *****************************************
692dnl
693dnl checks for system services
694dnl
695dnl *****************************************
696
697dnl
698dnl check for /proc filesystem
699dnl
700if test -d "/proc/$$"
701then
702 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
703fi
704
705dnl
706dnl check for GNU gmp
707dnl
708AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
709if test "x${sh_have_gmp}" = xno
710then
711 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
712fi
713if test "x${sh_have_gmp}" = xyes
714then
715 # LIBS="-lgmp $LIBS"
716 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
717fi
718AC_CHECK_HEADERS(gmp.h)
719
720AC_MSG_CHECKING([for ps])
721PS=
722for ff in /usr/ucb /bin /usr/bin; do
723 if test -x "$ff/ps"; then
724 PS="$ff/ps"
725 AC_MSG_RESULT([$PS])
726 break
727 fi
728done
729if test x$PS = x
730then
731 AC_MSG_RESULT([no])
732 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
733fi
734AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
735
736AC_MSG_CHECKING([how to use ps])
737$PS ax >/dev/null 2>&1
738if test $? -eq 0; then
739 case "$host_os" in
740 *openbsd*)
741 one=`$PS akx | wc -l`
742 ;;
743 *)
744 one=`$PS ax | wc -l`
745 ;;
746 esac
747else
748 one=0
749fi
750$PS -e >/dev/null 2>&1
751if test $? -eq 0; then
752 two=`$PS -e | wc -l`
753else
754 two=0
755fi
756if test $one -ge $two
757then
758 case "$host_os" in
759 *openbsd*)
760 PSARG="akx"
761 ;;
762 *)
763 PSARG="ax"
764 ;;
765 esac
766else
767 PSARG="-e"
768fi
769AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
770AC_MSG_RESULT([$PS $PSARG])
771
772dnl *****************************************
773dnl
774dnl enable features
775dnl
776dnl *****************************************
777
778AC_ARG_ENABLE(db-reload,
779 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
780 [
781 if test "x${enable_db_reload}" = xyes; then
782 AC_DEFINE(RELOAD_DATABASE)
783 fi
784 ]
785)
786
787AC_ARG_ENABLE(xml-log,
788 [ --enable-xml-log enable XML logfile format [[no]]],
789 [
790 if test "x${enable_xml_log}" = xyes; then
791 AC_DEFINE(SH_USE_XML)
792 fi
793 ]
794)
795
796
797AC_ARG_ENABLE(mail,
798 [ --disable-mail disable the internal SMTP mailer],
799 [
800 if test "x${enable_mail}" = xno; then
801 :
802 else
803 AC_DEFINE(SH_WITH_MAIL)
804 fi
805 ],
806 [AC_DEFINE(SH_WITH_MAIL)]
807)
808
809AC_ARG_ENABLE(suid,
810 [ --enable-suid allow suid],
811 [
812 if test "x${enable_suid}" = xyes; then
813 AC_DEFINE(SH_ALLOW_SUID, [1], [Define if you want to allow suid execution for samhain])
814 fi
815 ]
816)
817
818AC_ARG_ENABLE(shellexpand,
819 [ --disable-shellexpand disable shell expansion in config file],
820 [
821 if test "x${enable_shellexpand}" = xno; then
822 :
823 else
824 AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])
825 fi
826 ],
827 [AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])]
828)
829
830AC_ARG_ENABLE(external-scripts,
831 [ --disable-external-scripts disable interface to external scripts],
832 [
833 if test "x${enableval}" = xno; then
834 :
835 else
836 AC_DEFINE(WITH_EXTERNAL)
837 fi
838 ],
839 [AC_DEFINE(WITH_EXTERNAL)]
840)
841
842AC_ARG_ENABLE(message-queue,
843 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
844 [
845 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
846 if test "x${enable_message_queue}" = xyes; then
847 AC_DEFINE(WITH_MESSAGE_QUEUE)
848 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
849 elif test "x${enable_message_queue}" != xno; then
850 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
851 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
852 echo "${enableval}" | \
853 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
854 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
855 AC_DEFINE(WITH_MESSAGE_QUEUE)
856 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
857 fi
858 else
859 echo
860 echo "**********************************************"
861 echo
862 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
863 echo
864 echo "**********************************************"
865 echo
866 fi
867 ]
868)
869
870AC_ARG_WITH(cflags,
871 [ --with-cflags additional flags to pass to compiler],
872 [
873 if test "x$withval" != "xno" ; then
874 CFLAGS="$CFLAGS $withval"
875 fi
876 ]
877)
878AC_ARG_WITH(libs,
879 [ --with-libs additional libraries to link with],
880 [
881 if test "x$withval" != "xno" ; then
882 LIBS="$LIBS $withval"
883 fi
884 ]
885)
886
887
888#
889# this is from ssh
890#
891AC_MSG_CHECKING(whether to use libwrap)
892LIBWRAP_LIB=""
893LIBWRAP_INC=""
894AC_ARG_WITH(libwrap,
895[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
896[ AC_MSG_RESULT($withval)
897 case "$withval" in
898 no)
899 ;;
900 ""|yes)
901 LIBWRAP_LIB="-lwrap"
902 ;;
903 *)
904 if test -d "$withval"; then
905 LIBWRAP_LIB="-L$withval -lwrap"
906 changequote(<<, >>)dnl
907 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
908 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
909 changequote([, ])dnl
910 else
911 LIBWRAP_LIB="-lwrap"
912 changequote(<<, >>)dnl
913 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
914 LIBWRAP_INC="-I${sh_libwrap_inc}"
915 changequote([, ])dnl
916 fi
917 ;;
918 esac
919 if test -n "$LIBWRAP_LIB"; then
920 # OLDLIBS="$LIBS"
921 LIBS="$LIBWRAP_LIB $LIBS"
922 # OLDCFLAGS="$CFLAGS"
923 CFLAGS="$CFLAGS $LIBWRAP_INC"
924 AC_CHECK_HEADER(tcpd.h,
925 [],
926 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
927 AC_TRY_LINK([ #include <tcpd.h>
928 int allow_severity; int deny_severity; ],
929 [ hosts_access((struct request_info *) 0); ],
930 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
931 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
932 fi ],
933 AC_MSG_RESULT(no)
934)
935
936
937dnl
938dnl NETWORK OPTIONS
939dnl
940AC_ARG_ENABLE(network,
941 [ --enable-network=[[client|server]] compile client or server [[no]]],
942 [
943 if test "x$enable_network" = xclient; then
944 mytclient="-DSH_WITH_CLIENT"
945 yulectl_prg=
946 setpwd_prg="samhain_setpwd"
947 sh_main_prg="samhain"
948 if test "x${sh_have_gmp}" = xyes
949 then
950 LIBS="-lgmp $LIBS"
951 fi
952dnl AC_CHECK_HEADER(sys/capability.h,
953dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
954dnl [sh_use_lcaps="no"])
955 elif test "x$enable_network" = xserver; then
956 mytclient="-DSH_WITH_SERVER"
957 yulectl_prg="yulectl"
958 setpwd_prg="samhain_setpwd"
959 sh_main_prg="yule"
960 if test "x${sh_have_gmp}" = xyes
961 then
962 LIBS="-lgmp $LIBS"
963 fi
964 sh_use_lcaps="undef"
965 elif test "x$enable_network" = xno; then
966 mytclient="-DSH_STANDALONE"
967 yulectl_prg=
968 setpwd_prg=
969 sh_main_prg="samhain"
970dnl AC_CHECK_HEADER(sys/capability.h,
971dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
972dnl [sh_use_lcaps="no"])
973 else
974 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
975 fi
976 ],
977 [
978 mytclient="-DSH_STANDALONE"
979 setpwd_prg=
980 yulectl_prg=
981 sh_main_prg="samhain"
982dnl AC_CHECK_HEADER(sys/capability.h,
983dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
984dnl [sh_use_lcaps="no"])
985 ],
986)
987
988AC_SUBST(setpwd_prg)
989AC_SUBST(yulectl_prg)
990AC_SUBST(sh_main_prg)
991AC_SUBST(mytclient)
992
993# needed for the rpm spec
994clmytclient=`echo ${mytclient} | sed s%\-%%`
995AC_SUBST(clmytclient)
996
997sh_no_gcc_static=no
998
999AC_ARG_ENABLE(static,
1000 [ --enable-static enable static linking [[no]]],
1001 [
1002 if test x$enable_static = xyes; then
1003 if test x"$mynetbsd" = xyes
1004 then
1005 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
1006 LIBS="${tmp_LIBS}"
1007 fi
1008 if test x"${sh_auparse}" = xyes
1009 then
1010 tmp_LIBS=`echo $LIBS | sed 's%\-lauparse%%' `
1011 LIBS="${tmp_LIBS}"
1012 fi
1013 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
1014 if test "x$GCC" = "xyes"; then
1015 sh_no_gcc_static=no
1016 LDFLAGS="$LDFLAGS -static"
1017 else
1018 sh_no_gcc_static=yes
1019 case "$host_os" in
1020
1021 *aix*)
1022 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
1023 ;;
1024
1025 *hpux*)
1026 LDFLAGS="$LDFLAGS -Wl,-a,archive"
1027 ;;
1028
1029 *osf*)
1030 LDFLAGS="$LDFLAGS -non_shared"
1031 ;;
1032
1033 *irix*)
1034 LDFLAGS="$LDFLAGS -non_shared"
1035 ;;
1036
1037 *sco*)
1038 LDFLAGS="$LDFLAGS -dn"
1039 ;;
1040
1041 *sun*)
1042 LDFLAGS="$LDFLAGS -Bstatic"
1043 ;;
1044
1045 *solaris*)
1046 LDFLAGS="$LDFLAGS -Bstatic"
1047 ;;
1048
1049 *)
1050 echo "***********************************************"
1051 echo "*"
1052 echo "* Don't know how to enable static linking"
1053 echo "* with your compiler. Please set the environment"
1054 echo "* variable LDFLAGS to:"
1055 echo "* ${LDFLAGS} + the static linking flag"
1056 echo "* and run configure again"
1057 echo "*"
1058 echo "***********************************************"
1059 ;;
1060
1061 esac
1062 fi
1063 fi
1064 ]
1065)
1066
1067if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1068then
1069dnl For threaded modules
1070 ACX_PTHREAD
1071 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1072 LIBS="$PTHREAD_LIBS $LIBS"
1073 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
1074 CC="$PTHREAD_CC"
1075dnl For MODI_TXT
1076 CHECK_ZLIB()
1077fi
1078
1079if test x$enable_static = xyes; then
1080 :
1081else
1082 if test x$sh_use_pie = xyes; then
1083 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1084 CFLAGS="$CFLAGS $PIE_CFLAGS"
1085 fi
1086fi
1087AC_CHECK_FUNC(pmap_getmaps,
1088 AC_DEFINE([HAVE_PMAP_GETMAPS], [], [Define if pmap_getmaps available]), [],[])
1089
1090
1091#
1092# this is from the snort configure.in
1093#
1094AC_DEFUN(FAIL_MESSAGE,[
1095 echo
1096 echo
1097 echo "**********************************************"
1098 echo " ERROR: unable to find" $1
1099 echo " checked in the following places"
1100 for i in `echo $2`; do
1101 echo " $i"
1102 done
1103 echo "**********************************************"
1104 echo
1105 exit
1106])
1107
1108AC_ARG_WITH(libprelude-prefix,
1109 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
1110 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1111
1112AC_MSG_CHECKING(whether to use prelude)
1113AC_ARG_WITH(prelude,
1114 [ --with-prelude Prelude IDS support [[no]]],
1115 [
1116 if test "x${withval}" = "xno"; then
1117 AC_MSG_RESULT(no)
1118 else
1119 AC_MSG_RESULT(yes)
1120 if test x$libprelude_config_prefix != x ; then
1121 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1122 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1123 fi
1124 fi
1125
1126 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1127 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1128 HAVE_PRELUDE_CONFIG=no
1129 else
1130 HAVE_PRELUDE_CONFIG=yes
1131 fi
1132dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1133 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1134 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1135 case "$sh_libprelude_version" in
1136 0.8*)
1137 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
1138 ;;
1139 *)
1140 AM_PATH_LIBPRELUDE([0.9.6],
1141 [
1142 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1143 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1144 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1145 LIBS="$LIBS $LIBPRELUDE_LIBS"
1146 ],
1147 [
1148 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
1149 ])
1150 ;;
1151 esac
1152 else
1153 AC_MSG_ERROR([Could not find libprelude-config.])
1154 fi
1155 fi
1156 ],
1157 [
1158 AC_MSG_RESULT(no)
1159 ]
1160)
1161
1162#
1163# partly based on the snort configure.in
1164#
1165AC_ARG_WITH(database,
1166 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1167 [
1168 if test x"$enable_xml_log" != xyes; then
1169 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
1170 fi
1171 if test "x${withval}" = "xmysql"; then
1172 if test "x$zlib_found" = "x"
1173 then
1174 CHECK_ZLIB()
1175 fi
1176 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1177 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1178 sh_mysql_libs="`mysql_config --libs`"
1179 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1180 LIBS="$LIBS ${sh_mysql_libs}"
1181 sh_mysql_cflags="`mysql_config --cflags`"
1182 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1183 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1184 else
1185 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
1186 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1187
1188 for i in $mysql_directory; do
1189 if test -r $i/include/mysql/mysql.h; then
1190 MYSQL_DIR=$i
1191 MYSQL_INC_DIR=$i/include
1192 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1193 fi
1194 done
1195 if test -z "$MYSQL_DIR"; then
1196 for i in $mysql_directory; do
1197 if test -r $i/include/mysql.h; then
1198 MYSQL_DIR=$i
1199 MYSQL_INC_DIR=$i/include
1200 fi
1201 done
1202 fi
1203
1204 if test -z "$MYSQL_DIR"; then
1205 tmp=""
1206 for i in $mysql_directory; do
1207 tmp="$tmp $i/include $i/include/mysql"
1208 done
1209 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1210 fi
1211
1212 for i in lib lib/mysql; do
1213 str="$MYSQL_DIR/$i/libmysqlclient.*"
1214 for j in `echo $str`; do
1215 if test -r $j; then
1216 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1217 break 2
1218 fi
1219 done
1220 done
1221
1222 if test -z "$MYSQL_LIB_DIR"; then
1223 for ff in $mysql_directory; do
1224 for i in lib lib/mysql; do
1225 str="$ff/$i/libmysqlclient.*"
1226 for j in `echo $str`; do
1227 if test -r $j; then
1228 MYSQL_LIB_DIR="$ff/$i"
1229 break 3
1230 fi
1231 done
1232 done
1233 done
1234 fi
1235
1236 if test -z "$MYSQL_LIB_DIR"; then
1237 tmp=""
1238 for i in $mysql_directory; do
1239 tmp="$i/lib $i/lib/mysql"
1240 done
1241 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1242 fi
1243
1244 AC_MSG_RESULT(yes)
1245 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1246 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1247 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1248 fi
1249 AC_DEFINE(WITH_MYSQL)
1250 AC_DEFINE(WITH_DATABASE)
1251 if test "x$zlib_found" = "xyes"
1252 then
1253 LIBS="$LIBS -lz -lm"
1254 else
1255 echo
1256
1257 echo " Mysql library was not found or not useable."
1258 echo " Possible reasons include:"
1259 echo " - an old, incompatible version compiled from source"
1260 echo " - on Solaris, libmysql is compiled with the Solaris"
1261 echo " compiler, thus the mysql_config script provides"
1262 echo " compiler options unsuitable for gcc (move"
1263 echo " mysql_config out of your PATH)"
1264 echo " For other problems, check config.log for the error"
1265 echo " message from the compiler."
1266 echo
1267 echo " If your mysql libraries are installed in an"
1268 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
1269 echo " where libdirectory is the directory holding libmysql."
1270 if test x"$enable_static" = xyes; then
1271 echo " Note that for compiling a static binary, you need"
1272 echo " the static libraries, rather than the shared ones."
1273 fi
1274 echo
1275 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
1276 fi
1277 AC_CHECK_HEADERS(mysql/mysql.h)
1278 elif test "x${withval}" = "xpostgresql"; then
1279 AC_DEFINE(WITH_POSTGRES)
1280 AC_DEFINE(WITH_DATABASE)
1281 #
1282 PGCONF="no"
1283 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1284 OLD_IFS="$IFS"
1285 IFS=":"
1286 for ff in ${MY_PATH}
1287 do
1288 if test -f "$ff/pg_config"
1289 then
1290 PGCONF="$ff/pg_config"
1291 fi
1292 done
1293 IFS="${OLD_IFS}"
1294 #
1295 #
1296 if test "x${PGCONF}" = "xno"
1297 then
1298 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1299 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1300 for i in $pgsql_directory; do
1301 if test -r $i/include/pgsql/libpq-fe.h; then
1302 PGSQL_INC_DIR=$i/include
1303 PGSQL_DIR=$i
1304 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1305 fi
1306 done
1307 if test -z "$PGSQL_DIR"; then
1308 for i in $pgsql_directory; do
1309 if test -r $i/include/postgresql/libpq-fe.h; then
1310 PGSQL_INC_DIR=$i/include
1311 PGSQL_DIR=$i
1312 fi
1313 done
1314 fi
1315 if test -z "$PGSQL_DIR"; then
1316 for i in $pgsql_directory; do
1317 if test -r $i/include/libpq-fe.h; then
1318 PGSQL_INC_DIR=$i/include
1319 PGSQL_DIR=$i
1320 fi
1321 done
1322 fi
1323
1324 if test -z "$PGSQL_DIR"; then
1325 tmp=""
1326 for i in $pgsql_directory; do
1327 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
1328 done
1329 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1330 fi
1331
1332 for i in lib lib/pgsql lib/postgresql; do
1333 str="$PGSQL_DIR/$i/libpq.*"
1334 for j in `echo $str`; do
1335 if test -r $j; then
1336 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1337 break 2
1338 fi
1339 done
1340 done
1341
1342 if test -z "$PGSQL_LIB_DIR"; then
1343 for ff in $pgsql_directory; do
1344 for i in lib lib/pgsql lib/postgresql; do
1345 str="$ff/$i/libpq.*"
1346 for j in `echo $str`; do
1347 if test -r $j; then
1348 PGSQL_LIB_DIR="$ff/$i"
1349 break 3
1350 fi
1351 done
1352 done
1353 done
1354 fi
1355
1356 if test -z "$PGSQL_LIB_DIR"; then
1357 tmp=""
1358 for i in $pgsql_directory; do
1359 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
1360 done
1361 FAIL_MESSAGE("postgresql library libpq", $tmp)
1362 fi
1363
1364 AC_MSG_RESULT(yes)
1365
1366 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1367 if test x"$enable_static" = xyes; then
1368 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1369 else
1370 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1371 fi
1372 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1373 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1374 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1375 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
1376 else
1377 pg_lib_dir=`${PGCONF} --libdir`
1378 if test x"$enable_static" = xyes; then
1379 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1380 else
1381 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1382 fi
1383 pg_inc_dir=`${PGCONF} --includedir`
1384 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1385 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1386 fi
1387 elif test "x${withval}" = "xodbc"; then
1388 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1389 odbc_directory="/usr /usr/local"
1390
1391 for i in $odbc_directory; do
1392 if test -r $i/include/sql.h; then
1393 if test -r $i/include/sqlext.h; then
1394 if test -r $i/include/sqltypes.h; then
1395 ODBC_DIR=$i
1396 ODBC_INC_DIR=$i/include
1397 fi
1398 fi
1399 fi
1400 done
1401
1402 if test -z "$ODBC_DIR"; then
1403 tmp=""
1404 for i in $odbc_directory; do
1405 tmp="$tmp $i/include"
1406 done
1407 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1408 fi
1409
1410 str="$ODBC_DIR/lib/libodbc.*"
1411 for j in `echo $str`; do
1412 if test -r $j; then
1413 ODBC_LIB_DIR="$ODBC_DIR/lib"
1414 ODBC_LIB="odbc"
1415 fi
1416 done
1417
1418 if test -z "$ODBC_LIB_DIR"; then
1419 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1420 fi
1421
1422 AC_MSG_RESULT(yes)
1423 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1424 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1425 AC_DEFINE(WITH_ODBC)
1426 AC_DEFINE(WITH_DATABASE)
1427
1428 elif test "x${withval}" = "xoracle"; then
1429
1430 AC_MSG_CHECKING(for oracle in ORACLE_HOME /usr/local /usr)
1431
1432 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1433 for i in $oracle_directory; do
1434
1435 ff=`find $i -name oci.h 2>/dev/null | tail -1`
1436 if test "x$ff" = "x"; then
1437 :
1438 else
1439 ORACLE_INC=`dirname $ff`
1440 fi
1441
1442 fg=`find $i -name libclntsh.so 2>/dev/null | tail -1`
1443 if test "x$fg" = "x"; then
1444 :
1445 else
1446 ORACLE_LIB=`dirname $fg`
1447 fi
1448
1449 done
1450
1451 if test -z "$ORACLE_INC"; then
1452
1453 tmp=""
1454 for i in $oracle_directory; do
1455 tmp="$tmp $i"
1456 done
1457 FAIL_MESSAGE("OCI header file (oci.h) please define ORACLE_INC directory where oci.h resides", $tmp)
1458
1459 elif test -z "$ORACLE_LIB"; then
1460
1461 tmp=""
1462 for i in $oracle_directory; do
1463 tmp="$tmp $i"
1464 done
1465 FAIL_MESSAGE("OCI library file (libclntsh.so) please define ORACLE_LIB directory where libclntsh.so resides", $tmp)
1466
1467 else
1468
1469 ORACLE_CPP_FLAGS="-I$ORACLE_INC"
1470 ORACLE_LIB_DIR="$ORACLE_LIB"
1471
1472 AC_MSG_RESULT([$ORACLE_INC $ORACLE_LIB])
1473
1474 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1475
1476 ORACLE_LIBS="-lclntsh"
1477
1478 if test -r $ORACLE_LIB_DIR/libnnz11.so; then
1479 ORACLE_LIBS="${ORACLE_LIBS} -lnnz11"
1480 fi
1481 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1482 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1483 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1484 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1485 fi
1486 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1487 if test "x$GCC" != "xyes"; then
1488 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1489 fi
1490 fi
1491 AC_DEFINE(WITH_ORACLE)
1492 AC_DEFINE(WITH_DATABASE)
1493
1494 else
1495 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
1496 fi
1497 ]
1498)
1499
1500AC_ARG_WITH(console,
1501 [ --with-console=PATH set path to console device [[/dev/console]]],
1502 [
1503 if test "x${withval}" != xno; then
1504 mycons="$withval"
1505 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1506 fi
1507 ])
1508
1509AC_ARG_WITH(altconsole,
1510 [ --with-altconsole=PATH set path to second console device [[none]]],
1511 [
1512 if test "x${withval}" != xno; then
1513 myaltcons="$withval"
1514 else
1515 myaltcons="NULL"
1516 fi
1517 ],
1518 [myaltcons="NULL"])
1519AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1520
1521AC_ARG_WITH(timeserver,
1522 [ --with-timeserver=HOST set host address for time server [[none]]],
1523 [
1524 if test "x${withval}" != xno; then
1525 mytimeserv="$withval"
1526 AC_DEFINE(HAVE_NTIME)
1527 else
1528 mytimeserv="NULL"
1529 fi
1530 ],
1531 mytimeserv="NULL")
1532AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1533
1534AC_ARG_WITH(alttimeserver,
1535 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1536 [
1537 if test "x${withval}" != xno; then
1538 myalttimeserv="$withval"
1539 AC_DEFINE(HAVE_NTIME)
1540 else
1541 myalttimeserv="NULL"
1542 fi
1543 ],
1544 myalttimeserv="NULL")
1545AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1546
1547AC_ARG_ENABLE(login-watch,
1548 [ --enable-login-watch watch for login/logout [[no]]],
1549 [
1550 if test "x${enable_login_watch}" = xyes; then
1551 AC_DEFINE(SH_USE_UTMP)
1552 fi
1553 ]
1554)
1555
1556AC_ARG_ENABLE(mounts-check,
1557 [ --enable-mounts-check check mount options on filesystems [[no]]],
1558 [
1559 if test "x${enable_mounts_check}" = xyes; then
1560 AC_DEFINE(SH_USE_MOUNTS)
1561 fi
1562 ]
1563)
1564
1565AC_ARG_ENABLE(logfile-monitor,
1566 [ --enable-logfile-monitor monitor logfiles [[no]]],
1567 [
1568 if test "x${enable_logfile_monitor}" = xyes; then
1569 AC_CHECK_HEADER(pcre.h,
1570 [
1571 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1572 LIBS="-lpcre $LIBS"
1573 ],
1574 [
1575 AC_CHECK_HEADER(pcre/pcre.h,
1576 [
1577 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1578 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1579 LIBS="-lpcre $LIBS"
1580 ],
1581 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1582 )
1583 ]
1584 )
1585 AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1586 AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1587 ], [
1588 AC_MSG_WARN([pcre_dfa_exec not available])
1589 ])
1590 fi
1591 ]
1592)
1593
1594
1595AC_ARG_ENABLE(process-check,
1596 [ --enable-process-check check processes [[no]]],
1597 [
1598 if test "x${enable_process_check}" = xyes; then
1599 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1600 if test x"$sh_lrt" = xyes; then
1601 LIBRT=-lrt
1602 else
1603 LIBRT=
1604 fi
1605 LIBS="$LIBS $LIBRT"
1606 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1607 fi
1608 ]
1609)
1610
1611AC_ARG_ENABLE(port-check,
1612 [ --enable-port-check check ports [[no]]],
1613 [
1614 if test "x${enable_port_check}" = xyes; then
1615 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1616 fi
1617 ]
1618)
1619
1620AC_ARG_ENABLE(userfiles,
1621 [ --enable-userfiles check for users' config files [[no]]],
1622 [
1623 if test "x${enableval}" = "xyes"; then
1624 AC_DEFINE(SH_USE_USERFILES)
1625 fi
1626 ]
1627)
1628
1629AC_ARG_ENABLE(debug,
1630 [ --enable-debug enable debug options [[no]]],
1631 [
1632 if test "x${enable_debug}" = "xyes"; then
1633 if test "x${mydebugflag}" != "xyes"; then
1634 AC_DEFINE(MEM_DEBUG)
1635 fi
1636 AC_DEFINE(WITH_TPT)
1637 AC_DEFINE(SL_DEBUG)
1638 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1639 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
1640 AC_DEFINE(SL_FAIL_ON_ERROR)
1641 if test "x${myneedg3}" = "xyes"; then
1642 mydebugdef="-g3"
1643 else
1644 mydebugdef="-g"
1645 fi
1646 mydebugit="yes"
1647 elif test "x${enable_debug}" = "xgdb"; then
1648 AC_DEFINE(SH_ABORT_ON_ERROR, 1, [Use abort])
1649 if test "x${myneedg3}" = "xyes"; then
1650 mydebugdef="-g3"
1651 else
1652 mydebugdef="-g"
1653 fi
1654 mydebugit="yes"
1655 fi
1656 ]
1657)
1658AC_SUBST(mydebugdef)
1659
1660if test "x${enable_asm_ok}" = "xyes"; then
1661 sh_enable_asm=yes
1662else
1663 sh_enable_asm=no
1664fi
1665AC_ARG_ENABLE(asm,
1666 [ --disable-asm disable asm inline code],
1667 [
1668 if test "x${enable_asm}" = xno; then
1669 sh_enable_asm=no
1670 fi
1671 ]
1672)
1673
1674if test "x${samhain_64_asm}" = xyes; then
1675 if test "x${sh_enable_asm}" = xyes; then
1676 AC_DEFINE([TIGER_OPT_ASM],1,[Define to use tiger x86_64 optimized assembly])
1677 fi
1678fi
1679
1680AC_ARG_ENABLE(ipv6,
1681 [ --disable-ipv6 disable ipv6 support],
1682 [
1683 if test "x${enable_ipv6}" = xno; then
1684 AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6])
1685 fi
1686 ]
1687)
1688
1689if test "x${dnmalloc_ok}" = "xyes"; then
1690 sh_dnmalloc_enabled=yes
1691else
1692 sh_dnmalloc_enabled=no
1693fi
1694
1695AC_ARG_ENABLE(dnmalloc,
1696 [ --disable-dnmalloc disable dnmalloc],
1697 [
1698 if test "x${enable_dnmalloc}" = xno; then
1699 sh_dnmalloc_enabled=no
1700 else
1701 sh_dnmalloc_enabled=yes
1702 fi
1703 ]
1704)
1705
1706dnl Handle the problem that static linking against libc.a on Linux
1707dnl produces the error "multiple definitions of malloc"
1708dnl
1709if test "x$sh_dnmalloc_enabled" = "xyes"; then
1710 if test x$enable_static = xyes; then
1711 if test "x$sh_no_gcc_static" = "xyes"; then
1712 sh_dnmalloc_enabled=no
1713 else
1714 if test "x$with_gnu_ld" = "xyes"; then
1715 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1716 else
1717 sh_dnmalloc_enabled=no
1718 fi
1719 fi
1720 fi
1721fi
1722
1723if test "x${sh_dnmalloc_enabled}" = xno; then
1724 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1725fi
1726
1727AC_ARG_ENABLE(ptrace,
1728 [ --enable-ptrace use anti-debugger options [[no]]],
1729 [
1730 if test "x${enable_ptrace}" = xyes; then
1731 if test "x$mydebugit" != "xyes"; then
1732 AC_DEFINE(SCREW_IT_UP)
1733 fi
1734 fi
1735 ]
1736)
1737
1738dnl
1739if test "x$GCC" = "xyes"; then
1740 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1741 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1742 fi
1743
1744dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1745dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1746dnl fi
1747
1748 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1749 CFLAGS="$CFLAGS -Wall -W "
1750 fi
1751
1752 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1753 then
1754 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1755 then
1756 CFLAGS="$CFLAGS -fno-strength-reduce"
1757 fi
1758 fi
1759
1760 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1761 then
1762 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1763 then
1764 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1765 fi
1766 fi
1767
1768fi
1769
1770dnl Test whether gcc supports -Wno-empty-body
1771dnl Suppresses warnings from glibc pthread_cleanup_pop
1772dnl
1773GCC_WEMPTY_BODY
1774
1775AC_MSG_CHECKING([which random module to use])
1776AC_ARG_WITH(rnd,
1777 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1778[use_static_rnd=$withval], [use_static_rnd=default] )
1779
1780if test "$use_static_rnd" = no; then
1781 use_static_rnd=default
1782fi
1783
1784case "$use_static_rnd" in
1785 egd | dev | unix | default )
1786 AC_MSG_RESULT($use_static_rnd)
1787 ;;
1788 * )
1789 AC_MSG_RESULT([invalid argument])
1790 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
1791 ;;
1792esac
1793
1794AC_ARG_WITH(egd-socket,
1795 [ --with-egd-socket=NAME EGD socket name],
1796 egd_socket_name="$withval", egd_socket_name="" )
1797AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1798
1799dnl
1800dnl See whether the user wants to disable checking for /dev/random
1801
1802try_dev_random=yes
1803
1804case "$use_static_rnd" in
1805dev | default )
1806 try_dev_random=yes
1807 ;;
1808egd)
1809 AC_DEFINE(HAVE_EGD_RANDOM)
1810 try_dev_random=no
1811 ;;
1812unix)
1813 AC_DEFINE(HAVE_UNIX_RANDOM)
1814 try_dev_random=no
1815 ;;
1816esac
1817
1818
1819if test "x$try_dev_random" = "xyes"; then
1820 AC_MSG_CHECKING(whether /dev/random exists)
1821 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1822 AC_DEFINE(HAVE_URANDOM)
1823 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1824 AC_MSG_RESULT(yes)
1825 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1826 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1827 fi
1828 else
1829 if test -r "/dev/random" && test -c "/dev/random"; then
1830 AC_DEFINE(HAVE_URANDOM)
1831 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1832 AC_MSG_RESULT(yes)
1833 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1834 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1835 fi
1836 else
1837 AC_MSG_RESULT(no)
1838 AC_DEFINE(HAVE_UNIX_RANDOM)
1839 fi
1840 fi
1841fi
1842
1843
1844AC_ARG_ENABLE(udp,
1845 [ --enable-udp server can listen on port 514/udp [[no]]],
1846 [
1847 if test "x${enable_udp}" = xyes; then
1848 AC_DEFINE(INET_SYSLOG)
1849 fi
1850 ]
1851)
1852
1853myencrypt=yes
1854AC_ARG_ENABLE(encrypt,
1855 [ --disable-encrypt disable client/server encryption],
1856 [
1857 if test "x${enable_encrypt}" = xno; then
1858 myencrypt=no
1859 elif test "x${enable_encrypt}" = "x1"; then
1860 myencrypt=1
1861 fi
1862 ]
1863)
1864if test "x${myencrypt}" = "xyes"; then
1865 AC_DEFINE(SH_ENCRYPT)
1866 AC_DEFINE(SH_ENCRYPT_2)
1867elif test "x${myencrypt}" = "x1"; then
1868 AC_DEFINE(SH_ENCRYPT)
1869fi
1870
1871sh_use_srp_proto=yes
1872AC_ARG_ENABLE(srp,
1873 [ --disable-srp disable SRP for authentication],
1874 [
1875 if test "x${enable_srp}" = xno; then
1876 sh_use_srp_proto=no
1877 fi
1878 ]
1879)
1880if test "x${sh_use_srp_proto}" = xyes; then
1881 AC_DEFINE(USE_SRP_PROTOCOL)
1882fi
1883
1884AC_ARG_WITH(port,
1885 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1886 [
1887 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1888 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
1889 myport=${withval}
1890 ],
1891 [myport="49777"])
1892AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1893AC_SUBST(myport)
1894
1895AC_ARG_WITH(logserver,
1896 [ --with-logserver=HOST set host address for log server [[none]]],
1897 [
1898 case "$withval" in
1899 *.* | localhost)
1900 mylogsrv="$withval"
1901 ;;
1902 *)
1903 mylogsrv="$withval"
1904 ;;
1905 esac
1906 ],
1907 [mylogsrv="NULL"])
1908AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1909AC_SUBST(mylogsrv)
1910
1911AC_ARG_WITH(altlogserver,
1912 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1913 [
1914 case "$withval" in
1915 *.* | localhost)
1916 myaltlogsrv="$withval"
1917 ;;
1918 *)
1919 myaltlogsrv="$withval"
1920 ;;
1921 esac
1922 ],
1923 [myaltlogsrv="NULL"])
1924AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1925
1926
1927
1928dnl
1929dnl STEALTH OPTIONS
1930dnl
1931nocl_code=
1932xor_code=0
1933AC_ARG_ENABLE(nocl,
1934 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1935 [
1936 if test "x${enableval}" != "x"; then
1937 AC_DEFINE(SH_STEALTH_NOCL)
1938 fi
1939 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1940 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1941 fi
1942 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1943 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1944 fi
1945 if test "x${enableval}" = "xstatus"; then
1946 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1947 fi
1948 if test "x${enableval}" = "xno"; then
1949 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
1950 fi
1951 nocl_code="${enable_nocl}"
1952 ]
1953)
1954AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1955AC_SUBST(nocl_code)
1956AC_ARG_ENABLE(stealth,
1957 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1958 [AC_DEFINE(SH_STEALTH)
1959 if test "x${enableval}" != "xyes"; then
1960 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1961 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
1962 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1963 if test x"${enableval}" = x0
1964 then
1965 :
1966 else
1967 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1968 fi
1969 fi
1970 xor_code="${enable_stealth}"
1971 else
1972 xor_code=0
1973 fi
1974 stegin_prg="samhain_stealth"
1975 ],
1976 [
1977 stegin_prg=
1978 ]
1979)
1980AC_ARG_ENABLE(micro-stealth,
1981 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1982 [
1983 AC_DEFINE(SH_STEALTH)
1984 AC_DEFINE(SH_STEALTH_MICRO)
1985 if test "x${enableval}" != "xyes"; then
1986 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1987 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
1988 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1989 if test x"${enableval}" = x0
1990 then
1991 :
1992 else
1993 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1994 fi
1995 fi
1996 xor_code="${enable_micro_stealth}"
1997 else
1998 xor_code=0
1999 fi
2000 ]
2001)
2002install_name="samhain"
2003INSTALL_NAME="SAMHAIN"
2004AC_ARG_ENABLE(install-name,
2005 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
2006 [
2007 if test "x${enableval}" != "xyes"; then
2008 install_name="${enableval}"
2009 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
2010 else
2011 install_name="${sh_main_prg}"
2012 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2013 fi
2014 ],
2015 [
2016 install_name="${sh_main_prg}"
2017 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2018 ]
2019)
2020
2021
2022need_user_install=0
2023
2024AC_ARG_ENABLE(identity,
2025 [ --enable-identity=USER user if dropping root [[daemon]]],
2026 [
2027 if test x"$enableval" = xno; then
2028 myident="daemon"
2029 else
2030 myident="$enableval"
2031 fi
2032 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
2033 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
2034 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2035 grep "^${myident}:" | awk -F: '{ print $3; }'`
2036 if test x"${myident_uid}" = x; then
2037 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
2038 need_user_install=1
2039 fi
2040 ],
2041 [
2042 for myident in ${install_name} daemon nobody; do
2043 AC_MSG_CHECKING(for user ${myident})
2044 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2045 grep "^${myident}:" | awk -F: '{ print $3; }'`
2046 if test x"${myident_uid}" != x; then
2047 AC_MSG_RESULT(yes)
2048 break;
2049 else
2050 AC_MSG_RESULT(no)
2051 fi
2052 done
2053 if test x"${myident_uid}" = x; then
2054 myident=${install_name}
2055 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
2056 need_user_install=1
2057 fi
2058 ])
2059AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
2060AC_SUBST(myident)
2061AC_SUBST(need_user_install)
2062
2063sh_insmod_cmd=": # no kernel module"
2064sh_insmod_pre=": # no kernel module"
2065sh_lkm=""
2066lkm_inc=""
2067khidemap="/boot/System.map"
2068sh_syscalltable="0x0"
2069AC_ARG_ENABLE(khide,
2070 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
2071 [
2072 if test "x${enable_khide}" != xno; then
2073
2074 kernel_testsupport=`uname -r | sed s,^3.*,LINUX3,`
2075 if test "x${kernel_testsupport}" = "xLINUX3"; then
2076 AC_MSG_ERROR([The --enable-khide option is not supported on Linux kernel version 3.x or above.])
2077 fi
2078
2079 if test "x${enableval}" != "xyes"; then
2080 khidemap="${enableval}"
2081 fi
2082 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
2083 if test x"$sh_syscalltable" = x; then
2084 AC_MSG_ERROR([Option --enable-khide cannot be used since the symbol sys_call_table was not found in ${khidemap}.])
2085 fi
2086 sh_syscalltable="0x${sh_syscalltable}"
2087 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
2088 if test "${install_name_len}" -gt 15 ; then
2089 AC_MSG_ERROR([If --enable-khide is used, install_name must not exceed a length of 15 chars.])
2090 fi
2091 AC_DEFINE(SH_USE_LKM)
2092 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
2093
2094 # -- NEW --
2095 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
2096 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2097 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMERIC, ${kernel_numeric}, [Kernel number])
2098
2099 if test x"$kernel_version" = xLINUX26
2100 then
2101 AC_MSG_CHECKING([for modlist_lock])
2102 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
2103 if test x"$sh_modlist_lock" = x; then
2104 AC_MSG_RESULT(no)
2105 else
2106 sh_modlist_lock="0x${sh_modlist_lock}"
2107 AC_MSG_RESULT([${sh_modlist_lock}])
2108 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
2109 fi
2110
2111 AC_MSG_CHECKING([for module_mutex])
2112 sh_modlist_mutex=`egrep ['[bd] module_mutex$'] ${khidemap} | awk '{print $1}'`
2113 if test x"$sh_modlist_mutex" = x; then
2114 AC_MSG_RESULT(no)
2115 else
2116 sh_modlist_mutex="0x${sh_modlist_mutex}"
2117 AC_MSG_RESULT([${sh_modlist_mutex}])
2118 AC_DEFINE_UNQUOTED(SH_MODLIST_MUTEX, ${sh_modlist_mutex}, [The address of the modules list mutex])
2119 fi
2120
2121 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
2122 if test x"$sh_list_modules" = x; then
2123 AC_MSG_ERROR([Option --enable-khide cannot be used, since the symbol modules was not found in ${khidemap}.])
2124 fi
2125 sh_list_modules="0x${sh_list_modules}"
2126 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
2127
2128 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
2129 sh_insmod_cmd="modprobe ${install_name}_hide"
2130 sh_lkm="samhain_hide.ko"
2131 else
2132 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
2133 sh_lkm="samhain_hide.o samhain_erase.o"
2134 fi
2135 # -- END NEW --
2136
2137 kvers=`uname -r`
2138 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
2139 lkm_inc="-I/lib/modules/${kvers}/build/include"
2140 else
2141 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
2142 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2143 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2144 fi
2145
2146 AC_MSG_CHECKING([for 2.4 vanilla kernel])
2147 sh_is_vanilla_kernel=yes
2148 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
2149 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
2150 fi
2151 if test x"${sh_is_vanilla_kernel}" = xno; then
2152 AC_MSG_RESULT(no)
2153 else
2154 AC_MSG_RESULT(yes)
2155 AC_DEFINE(SH_VANILLA_KERNEL)
2156 fi
2157
2158 fi
2159 ]
2160)
2161
2162AC_SUBST(install_name)
2163AC_SUBST(INSTALL_NAME)
2164AC_SUBST(stegin_prg)
2165AC_SUBST(xor_code)
2166
2167AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2168AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2169
2170
2171exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2172exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2173exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2174
2175AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2176AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2177AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2178
2179
2180AC_ARG_ENABLE(suidcheck,
2181 [ --enable-suidcheck check for suid/sgid files [[no]]],
2182 [
2183 if test "x${enableval}" = "xyes"; then
2184 AC_DEFINE(SH_USE_SUIDCHK)
2185 fi
2186 ]
2187)
2188
2189
2190systemmap="/boot/System.map"
2191sh_libkvm=""
2192AC_ARG_WITH(kcheck,
2193 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
2194 [
2195 if test "x${withval}" != "xno"; then
2196 AC_DEFINE(SH_USE_KERN)
2197
2198 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2199 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMBER, ${kernel_numeric}, [Kernel number])
2200
2201 kernelversion=`uname -r`
2202 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
2203
2204 if test "x${withval}" != "xyes"; then
2205 systemmap="${withval}"
2206 fi
2207
2208 if test "x${cross_compiling}" = xyes; then
2209 :
2210 elif test "x$selectconfig" = "xfreebsd"; then
2211 LIBS="$LIBS -lkvm"
2212 sh_libkvm="-lkvm"
2213 elif test -f "${systemmap}"; then
2214
2215 test_kmap_open=no
2216
2217 if test -c /dev/kmem; then
2218 AC_MSG_CHECKING([whether /dev/kmem is useable])
2219 dd bs=4 count=16 if=/dev/kmem of=/dev/null >/dev/null 2>&1
2220 if test $? -eq 0; then
2221 test_kmap_open=yes
2222 fi
2223 AC_MSG_RESULT([${test_kmap_open}])
2224 fi
2225
2226 if test x"${test_kmap_open}" = xno; then
2227 # need kernel module
2228
2229 if test -f /lib/modules/${kernelversion}/build/include/linux/kernel.h; then
2230 lkm_inc="-I/lib/modules/${kernelversion}/build/include"
2231 else
2232 AC_MSG_WARN([--enable-khide: /lib/modules/${kernelversion}/build/include/linux not found])
2233 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2234 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2235 fi
2236
2237 AC_MSG_CHECKING([for vmlist_lock])
2238 sh_vmlist_lock=`egrep ['[bdBD] vmlist_lock$'] ${systemmap} | awk '{print $1}'`
2239 if test x"$sh_vmlist_lock" = x; then
2240 AC_MSG_RESULT(no)
2241 else
2242 sh_vmlist_lock="0x${sh_vmlist_lock}"
2243 AC_MSG_RESULT([${sh_vmlist_lock}])
2244 AC_DEFINE_UNQUOTED(SH_VMLIST_LOCK, ${sh_vmlist_lock}, [The address of the vmlist spinlock])
2245 fi
2246
2247 AC_MSG_CHECKING([for vmlist])
2248 sh_vmlist=`egrep ['[bdBD] vmlist$'] ${systemmap} | awk '{print $1}'`
2249 if test x"$sh_vmlist" = x; then
2250 AC_MSG_RESULT(no)
2251 else
2252 sh_vmlist="0x${sh_vmlist}"
2253 AC_MSG_RESULT([${sh_vmlist}])
2254 AC_DEFINE_UNQUOTED(SH_VMLIST, ${sh_vmlist}, [The address of the vmlist])
2255 fi
2256
2257 sh_lkm="${sh_lkm} samhain_kmem.ko"
2258 sh_insmod_pre="modprobe ${install_name}_kmem"
2259
2260 fi
2261 else
2262 AC_MSG_ERROR([Option --with-kcheck=systemmap cannot be used, because system map ${systemmap} does not exist.])
2263 fi
2264 fi
2265 ]
2266)
2267
2268AC_SUBST(lkm_inc)
2269AC_SUBST(sh_lkm)
2270AC_SUBST(sh_insmod_cmd)
2271AC_SUBST(sh_insmod_pre)
2272
2273AC_SUBST(systemmap)
2274AC_SUBST(sh_libkvm)
2275
2276AC_ARG_ENABLE(base,
2277 [ --enable-base=B1,B2 base key (0...2147483647)],
2278 [
2279 AC_MSG_CHECKING(base key setting)
2280 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2281 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2282 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2283 if test "x${my_key_A}" = x; then
2284 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
2285 fi
2286 if test "x${my_key_B}" = x; then
2287 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
2288 fi
2289 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2290 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2291 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2292 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2293 ],
2294 [
2295 AC_MSG_CHECKING(base key setting .. collecting entropy)
2296 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2297 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2298 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2299 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2300 my_key_A=`expr $my_key_1 \* 32767`
2301 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2302 my_key_A=`expr $my_key_A \+ $my_key_2`
2303 my_key_B=`expr $my_key_3 \* 32767`
2304 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2305 my_key_B=`expr $my_key_B \+ $my_key_4`
2306 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2307 ]
2308 )
2309AC_SUBST(my_key_A)
2310AC_SUBST(my_key_B)
2311
2312dnl low bytes
2313my_key_1=`expr $my_key_A \% 65536`
2314dnl high bytes
2315my_key_2=`expr $my_key_A \/ 65536`
2316dnl low bytes
2317my_key_3=`expr $my_key_B \% 65536`
2318dnl high bytes
2319my_key_4=`expr $my_key_B \/ 65536`
2320
2321dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2322
2323dnl touch ./sh_MK.h
2324dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2325dnl echo "#define SH_MK_H" >> ./sh_MK.h
2326dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2327dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2328dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2329dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2330dnl echo "#endif" >> ./sh_MK.h
2331AC_SUBST(my_key_1)
2332AC_SUBST(my_key_2)
2333AC_SUBST(my_key_3)
2334AC_SUBST(my_key_4)
2335
2336AC_MSG_CHECKING(key position)
2337pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2338pos_tf_2=`expr $pos_tf_1 \% 8`
2339pos_tf=`expr $pos_tf_2 + 1`
2340AC_MSG_RESULT(${pos_tf})
2341AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2342
2343mykeybase=`echo ${my_key_A},${my_key_B}`
2344AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2345AC_SUBST(mykeybase)
2346
2347
2348dnl
2349dnl GPG/PGP options
2350dnl
2351
2352AC_ARG_WITH(gpg,
2353 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2354 [
2355 if test "x${withval}" != "xno"; then
2356 if test "x${cross_compiling}" = xyes; then
2357 mygpg="${withval}"
2358 else
2359 if test -f "${withval}"; then
2360 mygpg="${withval}"
2361 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2362 if test "x$?" != "x0"; then
2363 mychktest=no
2364 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2365 if test x"${mychktest}" = xyes
2366 then
2367 :
2368 else
2369 if test -f ${sampre}
2370 then
2371 echo "use existing ${sampre} for gpg checksum"
2372 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2373 if test "x$?" != "x0"; then
2374 if test "x${nocl_code}" != "x"; then
2375 mychk0=`echo -H ${withval} | ${sampre} ${nocl_code} 2>/dev/null`
2376 if test "x$?" != "x0"; then
2377 :
2378 else
2379 mychk="${mychk0}"
2380 mychktest=yes
2381 fi
2382 fi
2383 else
2384 mychk="${mychk0}"
2385 mychktest=yes
2386 fi
2387 fi
2388 fi
2389 done
2390 if test x${mychktest} = xno; then
2391 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2392 echo "-------------------------------------------------------------"
2393 echo " Your gpg binary does not support the TIGER192 checksum, "
2394 echo " and I cannot find an existing samhain binary to use instead."
2395 echo " You can:"
2396 echo " (a) run make to compile a samhain binary, then repeat"
2397 echo " ./configure and make"
2398 echo " (b) ignore the failure. The checksum of the gpg binary"
2399 echo " will not get compiled in, thus allowing an attacker"
2400 echo " to replace gpg with a trojan and subverting the gpg"
2401 echo " signature verification of configure and database files."
2402 echo
2403 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2404 echo "-------------------------------------------------------------"
2405 fi
2406 else
2407 mychk="${mychk0}"
2408 fi
2409 else
2410 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
2411 fi
2412 fi
2413 AC_DEFINE(WITH_GPG)
2414 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
2415 AC_SUBST(mygpg)
2416 fi
2417 ]
2418)
2419
2420AC_ARG_WITH(keyid,
2421 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2422 [
2423 if test "x${withval}" != "x"; then
2424 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2425 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2426 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2427 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2428 mykeyid="$withval"
2429 mykeytag="--default-key"
2430 else
2431 mykeyid=""
2432 mykeytag=""
2433 fi
2434 AC_SUBST(mykeyid)
2435 AC_SUBST(mykeytag)
2436 ]
2437)
2438
2439dnl AC_ARG_WITH(pgp,
2440dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
2441dnl [myppg="$withval"
2442dnl AC_DEFINE(WITH_PGP)
2443dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
2444dnl ])
2445
2446AC_ARG_WITH(checksum,
2447 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
2448 [
2449 if test "x${withval}" != "xno"; then
2450 if test "x${withval}" != "xyes"; then
2451 if test "x${mychk}" != "x"; then
2452 if test "x${mychk}" != "x${withval}"; then
2453 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
2454 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2455 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2456 fi
2457 fi
2458 mychk="${withval}"
2459 else
2460 if test "x${mychk}" = "x"; then
2461 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the gpg binary not specified.])
2462 fi
2463 fi
2464 AC_DEFINE(HAVE_GPG_CHECKSUM)
2465 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2466 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2467 fi
2468 ],
2469 [
2470 if test "x${mygpg}" != "x"; then
2471 if test "x${mychk}" != "x"; then
2472 AC_DEFINE(HAVE_GPG_CHECKSUM)
2473 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2474 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2475 fi
2476 fi
2477 ]
2478)
2479
2480AC_ARG_WITH(fp,
2481 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2482 [
2483 if test "x${withval}" != "xno"; then
2484 if test "x${withval}" != "xyes"; then
2485 withval0=`echo ${withval} | sed 's% %%g'`
2486 echo "${withval0}" | \
2487 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
2488 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
2489 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2490 sh_len0=`expr ${sh_len} \- 1`
2491 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2492 then
2493 myfp="${withval0}"
2494 AC_DEFINE(USE_FINGERPRINT)
2495 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2496 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2497 else
2498 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
2499 fi
2500 else
2501 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
2502 fi
2503 fi
2504 ])
2505
2506
2507dnl
2508dnl MAIL OPTIONS
2509dnl
2510
2511AC_ARG_WITH(recipient,
2512 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2513 [
2514 withval0=`echo ${withval} | sed 's%,% %g'`
2515 for sh_item in ${withval0}
2516 do
2517 case ${sh_item} in
2518 *@localhost)
2519 ;;
2520 *@*.*)
2521 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2522 if test "x${sh_tmp}" != "x1"
2523 then
2524 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2525 fi
2526 ;;
2527 *)
2528 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2529 ;;
2530 esac
2531 done
2532 myrcp="$withval0"
2533 ],
2534 [myrcp="NULL"])
2535AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2536
2537
2538AC_ARG_WITH(sender,
2539 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2540 [
2541 mysender="${withval}"
2542 ],
2543 [
2544 mysender="daemon"
2545 ])
2546AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2547
2548
2549dnl
2550dnl PATHS
2551dnl
2552
2553AC_ARG_WITH(trusted,
2554 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2555 [
2556 sh_tmp_test=no
2557 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2558 for sh_tmp1 in ${sh_tmp}
2559 do
2560 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2561 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
2562 if test "x${sh_tmp1}" = "x0"
2563 then
2564 sh_tmp_test=yes
2565 fi
2566 done
2567 if test "x${sh_tmp_test}" = "xno"
2568 then
2569 withval="0,${withval}"
2570 fi
2571 mytrust="${withval}"
2572 ],
2573 [mytrust="0"] )
2574AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2575AC_SUBST(mytrust)
2576
2577mytmpdir=
2578
2579AC_ARG_WITH(tmp-dir,
2580 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2581 [
2582 if test "x${cross_compiling}" = xyes; then
2583 mytmpdir="$withval"
2584 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2585 else
2586 if test -d "${withval}"; then
2587 mytmpdir="$withval"
2588 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2589 else
2590 mytmpdir="$withval"
2591 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2592 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
2593 fi
2594 fi
2595 ]
2596)
2597
2598AC_SUBST(mytmpdir)
2599
2600
2601dnl
2602dnl PATH DEFAULTS
2603dnl
2604
2605if test "x${ac_prefix_set}" = xyes
2606then
2607 if test "x${exec_prefix}" = xNONE
2608 then
2609 exec_prefix="${prefix}"
2610 fi
2611
2612 if test "x${prefix}" = xOPT
2613 then
2614 tmp_sbindir="/opt/${install_name}/bin"
2615 tmp_sysconfdir="/etc/opt"
2616 tmp_mandir="/opt/${install_name}/man"
2617 tmp_localstatedir="/var/opt/${install_name}"
2618 elif test "x${prefix}" = xUSR
2619 then
2620 tmp_sbindir="/usr/sbin"
2621 tmp_sysconfdir="/etc"
2622 tmp_mandir="/usr/share/man"
2623 tmp_localstatedir="/var"
2624 else
2625 tmp_sbindir=`eval echo ${sbindir}`
2626 tmp_sysconfdir=`eval echo ${sysconfdir}`
2627 tmp_mandir=`eval echo ${mandir}`
2628 tmp_localstatedir=`eval echo ${localstatedir}`
2629 fi
2630else
2631 prefix=""
2632 if test "x${ac_exec_prefix_set}" = xyes
2633 then
2634 tmp_sbindir=`eval echo ${sbindir}`
2635 else
2636 tmp_sbindir="/usr/local/sbin"
2637 fi
2638 tmp_sysconfdir="/etc"
2639 # share/man -> man (FHS) 11.10.2002
2640 tmp_mandir="/usr/local/man"
2641 tmp_localstatedir="/var"
2642fi
2643
2644
2645if test "x${ac_sbindir_set}" = xyes
2646then
2647 :
2648else
2649 sbindir=`eval echo ${tmp_sbindir}`
2650fi
2651
2652
2653if test "x${ac_sysconfdir_set}" = xyes
2654then
2655 :
2656else
2657 sysconfdir=`eval echo ${tmp_sysconfdir}`
2658fi
2659
2660if test "x${ac_mandir_set}" = xyes
2661then
2662 :
2663else
2664 mandir=`eval echo ${tmp_mandir}`
2665fi
2666
2667if test "x${ac_localstatedir_set}" = xyes
2668then
2669 :
2670else
2671 localstatedir=`eval echo ${tmp_localstatedir}`
2672fi
2673
2674
2675
2676AC_ARG_WITH(config-file,
2677 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2678 [
2679 myconffile="${withval}"
2680 changequote(<<, >>)dnl
2681 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2682 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2683 myrpmconffile="${tmp}"
2684 changequote([, ])dnl
2685 ],
2686 [
2687 myconffile="${sysconfdir}/${install_name}rc"
2688 myrpmconffile="${myconffile}"
2689 ]
2690)
2691AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2692AC_SUBST(myconffile)
2693AC_SUBST(myrpmconffile)
2694
2695AC_ARG_WITH(log-file,
2696 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2697 [
2698 mylogfile="$withval"
2699 changequote(<<, >>)dnl
2700 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2701 changequote([, ])dnl
2702 ],
2703 [
2704 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2705 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2706 mylogdir="${localstatedir}/log/${install_name}"
2707 else
2708 mylogfile="${localstatedir}/log/${install_name}_log"
2709 mylogdir="${localstatedir}/log"
2710 fi
2711 ]
2712)
2713AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2714AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2715AC_SUBST(mylogfile)
2716AC_SUBST(mylogdir)
2717
2718AC_ARG_WITH(pid-file,
2719 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2720 [
2721 mylockfile="$withval"
2722 changequote(<<, >>)dnl
2723 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2724 changequote([, ])dnl
2725 ],
2726 [
2727 if test -h /var/run && test -d /run; then
2728 mylockfile="/run/${install_name}.pid"
2729 mylockdir="/run"
2730 else
2731 mylockfile="${localstatedir}/run/${install_name}.pid"
2732 mylockdir="${localstatedir}/run"
2733 fi
2734 ]
2735)
2736AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2737AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2738AC_SUBST(mylockfile)
2739AC_SUBST(mylockdir)
2740
2741AC_ARG_WITH(state-dir,
2742 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2743 [
2744 mydataroot="$withval"
2745 ],
2746 [
2747 mydataroot="${localstatedir}/lib/${install_name}"
2748 ]
2749 )
2750AC_ARG_WITH(data-file,
2751 [ --with-data-file=FILE set path of data file],
2752 [
2753 mydatafile="$withval"
2754 changequote(<<, >>)dnl
2755 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2756 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2757 myrpmdatafile="${tmp}"
2758 changequote([, ])dnl
2759 if test x"${tmp}" = x
2760 then
2761 echo "No local path in data file ${withval}"
2762 echo "This will not work for initializing the database."
2763 if test x"${withval}" = xREQ_FROM_SERVER
2764 then
2765 echo "It should be REQ_FROM_SERVER/some/local/path"
2766 fi
2767 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
2768 fi
2769 ],
2770 [
2771 mydatafile="${mydataroot}/${install_name}_file"
2772 myrpmdatafile="${mydatafile}"
2773 ])
2774AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2775AC_SUBST(mydatafile)
2776AC_SUBST(myrpmdatafile)
2777
2778AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2779AC_SUBST(mydataroot)
2780
2781AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2782AC_SUBST(myqdir)
2783
2784
2785AC_ARG_WITH(html-file,
2786 [ --with-html-file=FILE set path of html file,],
2787 [
2788 myhtmlfile="$withval"
2789 ],
2790 [
2791 myhtmlfile="${mylogdir}/${install_name}.html"
2792 ])
2793AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2794AC_SUBST(myhtmlfile)
2795
2796
2797mydefargs=$ac_configure_args
2798# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2799# then
2800# mydefargs="--enable-static $mydefargs"
2801# fi
2802if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2803then
2804 mydefargs="--enable-base=${mykeybase} $mydefargs"
2805fi
2806AC_SUBST(mydefargs)
2807
2808
2809AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2810AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2811AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2812
2813AC_CONFIG_HEADER(config.h)
2814
2815AC_OUTPUT(
2816[
2817Makefile
2818samhain-install.sh
2819init/samhain.startLSB
2820init/samhain.startLinux
2821init/samhain.startGentoo
2822init/samhain.startFreeBSD
2823init/samhain.startSolaris
2824init/samhain.startHPUX
2825init/samhain.startIRIX
2826init/samhain.startMACOSX
2827samhain.spec
2828rules.deb
2829rules.deb-light
2830hp_ux.psf
2831scripts/logrotate
2832scripts/samhain.spec
2833scripts/redhat_i386.client.spec
2834scripts/samhain.ebuild
2835scripts/samhain.ebuild-light
2836scripts/samhainadmin.pl
2837scripts/yuleadmin.pl
2838scripts/check_samhain.pl
2839deploy.sh
2840],
2841[
2842echo timestamp > stamp-h
2843chmod +x samhain-install.sh
2844chmod +x scripts/samhainadmin.pl
2845chmod +x scripts/yuleadmin.pl
2846chmod +x scripts/check_samhain.pl
2847]
2848)
2849
2850chmod +x deploy.sh
2851
2852if test "x${cross_compiling}" = xyes
2853then
2854
2855echo "--------------------------------------------------------------"
2856echo
2857echo "You are using a cross-compiler. The following system dependent"
2858echo "values may have been set to default values that may be"
2859echo "incorrect for your target system: "
2860echo
2861echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2862echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2863echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2864echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2865echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
2866echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2867echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2868echo
2869echo "If these values are incorrect, change them in the file "
2870echo "config.cache and run configure again."
2871echo
2872echo "--------------------------------------------------------------"
2873
2874fi
2875
2876if test x${silent} != xyes
2877then
2878
2879 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2880 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2881 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2882 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2883 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2884 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2885
2886 echo
2887 echo " samhain has been configured as follows:"
2888 echo " System binaries: ${sbindir}"
2889 echo " Configuration file: ${myconffile}"
2890 echo " Manual pages: ${mandir}"
2891 echo " Data: ${mydataroot}"
2892 echo " PID file: ${mylockfile}"
2893 echo " Log file: ${mylogfile}"
2894 echo " Base key: ${mykeybase}"
2895 if test x"$mykeyid" != x
2896 then
2897 echo " target GPG/PGP key: ${mykeyid}"
2898 fi
2899 echo
2900 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2901 then
2902 echo " Selected rc file: yulerc"
2903 else
2904 echo " Selected rc file: samhainrc.${selectconfig}"
2905 fi
2906
2907fi
2908
Note: See TracBrowser for help on using the repository browser.