diff options
Diffstat (limited to 'openssh')
-rw-r--r-- | openssh/openssh-3.7.1p1/scp-nossl.patch | 24 | ||||
-rw-r--r-- | openssh/openssh-3.7.1p1/sshd_config | 96 | ||||
-rw-r--r-- | openssh/openssh-3.7.1p2/scp-nossl.patch | 24 | ||||
-rw-r--r-- | openssh/openssh-3.7.1p2/sshd_config | 96 | ||||
-rw-r--r-- | openssh/openssh-3.8p1/configure.patch | 1931 | ||||
-rw-r--r-- | openssh/openssh-3.8p1/scp-nossl.patch | 24 |
6 files changed, 2195 insertions, 0 deletions
diff --git a/openssh/openssh-3.7.1p1/scp-nossl.patch b/openssh/openssh-3.7.1p1/scp-nossl.patch index e69de29bb2..222a52ff8a 100644 --- a/openssh/openssh-3.7.1p1/scp-nossl.patch +++ b/openssh/openssh-3.7.1p1/scp-nossl.patch @@ -0,0 +1,24 @@ + +# +# Made by http://www.mn-logistik.de/unsupported/pxa250/patcher +# + +--- openssh-3.6.1p2/Makefile.in~scp-nossl ++++ openssh-3.6.1p2/Makefile.in +@@ -43,6 +43,7 @@ + CFLAGS=@CFLAGS@ + CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ + LIBS=@LIBS@ ++SCP_LIBS= + LIBPAM=@LIBPAM@ + LIBWRAP=@LIBWRAP@ + AR=@AR@ +@@ -134,7 +135,7 @@ + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) + + scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o +- $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(SCP_LIBS) + + ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o + $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) diff --git a/openssh/openssh-3.7.1p1/sshd_config b/openssh/openssh-3.7.1p1/sshd_config index e69de29bb2..2d9c09752e 100644 --- a/openssh/openssh-3.7.1p1/sshd_config +++ b/openssh/openssh-3.7.1p1/sshd_config @@ -0,0 +1,96 @@ +# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 +#Protocol 2,1 +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 3600 +#ServerKeyBits 768 + +# Logging +#obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 120 +#PermitRootLogin yes +#StrictModes yes + +#RSAAuthentication yes +#PubkeyAuthentication yes +#AuthorizedKeysFile .ssh/authorized_keys + +# rhosts authentication should not be used +#RhostsAuthentication no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes + +#AFSTokenPassing no + +# Kerberos TGT Passing only works with the AFS kaserver +#KerberosTgtPassing no + +# Set this to 'yes' to enable PAM keyboard-interactive authentication +# Warning: enabling this may bypass the setting of 'PasswordAuthentication' +#PAMAuthenticationViaKbdInt no + +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#KeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +Compression no + +#MaxStartups 10 +# no default banner path +#Banner /some/path +#VerifyReverseMapping no + +ClientAliveInterval 15 +ClientAliveCountMax 4 + +# override default of no subsystems +Subsystem sftp /usr/sbin/sftp-server diff --git a/openssh/openssh-3.7.1p2/scp-nossl.patch b/openssh/openssh-3.7.1p2/scp-nossl.patch index e69de29bb2..222a52ff8a 100644 --- a/openssh/openssh-3.7.1p2/scp-nossl.patch +++ b/openssh/openssh-3.7.1p2/scp-nossl.patch @@ -0,0 +1,24 @@ + +# +# Made by http://www.mn-logistik.de/unsupported/pxa250/patcher +# + +--- openssh-3.6.1p2/Makefile.in~scp-nossl ++++ openssh-3.6.1p2/Makefile.in +@@ -43,6 +43,7 @@ + CFLAGS=@CFLAGS@ + CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ + LIBS=@LIBS@ ++SCP_LIBS= + LIBPAM=@LIBPAM@ + LIBWRAP=@LIBWRAP@ + AR=@AR@ +@@ -134,7 +135,7 @@ + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) + + scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o +- $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(SCP_LIBS) + + ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o + $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) diff --git a/openssh/openssh-3.7.1p2/sshd_config b/openssh/openssh-3.7.1p2/sshd_config index e69de29bb2..2d9c09752e 100644 --- a/openssh/openssh-3.7.1p2/sshd_config +++ b/openssh/openssh-3.7.1p2/sshd_config @@ -0,0 +1,96 @@ +# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 +#Protocol 2,1 +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 3600 +#ServerKeyBits 768 + +# Logging +#obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 120 +#PermitRootLogin yes +#StrictModes yes + +#RSAAuthentication yes +#PubkeyAuthentication yes +#AuthorizedKeysFile .ssh/authorized_keys + +# rhosts authentication should not be used +#RhostsAuthentication no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes + +#AFSTokenPassing no + +# Kerberos TGT Passing only works with the AFS kaserver +#KerberosTgtPassing no + +# Set this to 'yes' to enable PAM keyboard-interactive authentication +# Warning: enabling this may bypass the setting of 'PasswordAuthentication' +#PAMAuthenticationViaKbdInt no + +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#KeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +Compression no + +#MaxStartups 10 +# no default banner path +#Banner /some/path +#VerifyReverseMapping no + +ClientAliveInterval 15 +ClientAliveCountMax 4 + +# override default of no subsystems +Subsystem sftp /usr/sbin/sftp-server diff --git a/openssh/openssh-3.8p1/configure.patch b/openssh/openssh-3.8p1/configure.patch index e69de29bb2..b35c941754 100644 --- a/openssh/openssh-3.8p1/configure.patch +++ b/openssh/openssh-3.8p1/configure.patch @@ -0,0 +1,1931 @@ + +# +# Patch managed by http://www.mn-logistik.de/unsupported/pxa250/patcher +# + +--- openssh-3.8p1/configure.ac~configure 2004-02-24 00:47:04.000000000 -0500 ++++ openssh-3.8p1/configure.ac 2004-03-17 16:17:16.000000000 -0500 +@@ -53,7 +53,7 @@ + AC_SUBST(LD) + + AC_C_INLINE +-if test "$GCC" = "yes" || test "$GCC" = "egcs"; then ++if test "$GCC" = "yes" || test "$GCC" = "egcs"; then + CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" + fi + +@@ -72,7 +72,7 @@ + # Check for some target-specific stuff + case "$host" in + *-*-aix*) +- AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) ++ AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) + if (test -z "$blibpath"); then + blibpath="/usr/lib:/lib" + fi +@@ -80,7 +80,7 @@ + for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do + if (test -z "$blibflags"); then + LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" +- AC_TRY_LINK([], [], [blibflags=$tryflags]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[blibflags=$tryflags],[]) + fi + done + if (test -z "$blibflags"); then +@@ -100,13 +100,9 @@ + dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) + AC_CHECK_DECL(loginfailed, + [AC_MSG_CHECKING(if loginfailed takes 4 arguments) +- AC_TRY_COMPILE( +- [#include <usersec.h>], +- [(void)loginfailed("user","host","tty",0);], +- [AC_MSG_RESULT(yes) +- AC_DEFINE(AIX_LOGINFAILED_4ARG)], +- [AC_MSG_RESULT(no)] +- )], ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <usersec.h>]], [[(void)loginfailed("user","host","tty",0);]])],[AC_MSG_RESULT(yes) ++ AC_DEFINE(AIX_LOGINFAILED_4ARG)],[AC_MSG_RESULT(no) ++ ])], + [], + [#include <usersec.h>] + ) +@@ -141,15 +137,13 @@ + ;; + *-*-darwin*) + AC_MSG_CHECKING(if we have working getaddrinfo) +- AC_TRY_RUN([#include <mach-o/dyld.h> ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[#include <mach-o/dyld.h> + main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) + exit(0); + else + exit(1); +-}], [AC_MSG_RESULT(working)], +- [AC_MSG_RESULT(buggy) +- AC_DEFINE(BROKEN_GETADDRINFO)], +- [AC_MSG_RESULT(assume it is working)]) ++}]])],[AC_MSG_RESULT(working)],[AC_MSG_RESULT(buggy) ++ AC_DEFINE(BROKEN_GETADDRINFO)],[AC_MSG_RESULT(assume it is working)]) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) +@@ -246,7 +240,7 @@ + *-*-netbsd*) + check_for_libcrypt_before=1 + if test "x$withval" != "xno" ; then +- need_dash_r=1 ++ need_dash_r=1 + fi + ;; + *-*-freebsd*) +@@ -473,16 +467,14 @@ + ) + + AC_MSG_CHECKING(compiler and flags for sanity) +-AC_TRY_RUN([ ++AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + int main(){exit(0);} +- ], +- [ AC_MSG_RESULT(yes) ], +- [ ++ ]])],[ AC_MSG_RESULT(yes) ],[ + AC_MSG_RESULT(no) + AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) +- ] +-) ++ ],[ AC_MSG_RESULT(yes) ++]) + + # Checks for header files. + AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \ +@@ -514,8 +506,7 @@ + ac_cv_have_broken_dirname, [ + save_LIBS="$LIBS" + LIBS="$LIBS -lgen" +- AC_TRY_RUN( +- [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <libgen.h> + #include <string.h> + +@@ -530,10 +521,8 @@ + exit(0); + } + } +- ], +- [ ac_cv_have_broken_dirname="no" ], +- [ ac_cv_have_broken_dirname="yes" ] +- ) ++ ]])],[ ac_cv_have_broken_dirname="no" ],[ ac_cv_have_broken_dirname="yes" ++ ],[]) + LIBS="$save_LIBS" + ]) + if test "x$ac_cv_have_broken_dirname" = "xno" ; then +@@ -607,39 +596,36 @@ + ) + + AC_MSG_CHECKING(for zlib 1.1.4 or greater) +-AC_TRY_RUN([ +-#include <zlib.h> +-int main() +-{ +- int a, b, c, v; +- if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) +- exit(1); +- v = a*1000000 + b*1000 + c; +- if (v >= 1001004) +- exit(0); +- exit(2); +-} +- ], +- AC_MSG_RESULT(yes), +- [ AC_MSG_RESULT(no) +- if test -z "$zlib_check_nonfatal" ; then ++if test "x$zlib_check_nonfatal" = "x1"; then ++ AC_MSG_WARN([skipping zlib version check]) ++else ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ ++ #include <zlib.h> ++ int main() ++ { ++ int a, b, c, v; ++ if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) ++ exit(1); ++ v = a*1000000 + b*1000 + c; ++ if (v >= 1001004) ++ exit(0); ++ exit(2); ++ } ++ ]])],[AC_MSG_RESULT(yes)],[ AC_MSG_RESULT(no) + AC_MSG_ERROR([*** zlib too old - check config.log *** +-Your reported zlib version has known security problems. It's possible your +-vendor has fixed these problems without changing the version number. If you +-are sure this is the case, you can disable the check by running +-"./configure --without-zlib-version-check". +-If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) +- else +- AC_MSG_WARN([zlib version may have security problems]) +- fi +- ] +-) ++ Your reported zlib version has known security problems. It's possible your ++ vendor has fixed these problems without changing the version number. If you ++ are sure this is the case, you can disable the check by running ++ "./configure --without-zlib-version-check". ++ If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) ++ ],[]) ++fi + + dnl UnixWare 2.x +-AC_CHECK_FUNC(strcasecmp, ++AC_CHECK_FUNC(strcasecmp, + [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] + ) +-AC_CHECK_FUNC(utimes, ++AC_CHECK_FUNC(utimes, + [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) + LIBS="$LIBS -lc89"]) ] + ) +@@ -659,7 +645,7 @@ + #ifdef GLOB_ALTDIRFUNC + FOUNDIT + #endif +- ], ++ ], + [ + AC_DEFINE(GLOB_HAS_ALTDIRFUNC) + AC_MSG_RESULT(yes) +@@ -672,38 +658,37 @@ + # Check for g.gl_matchc glob() extension + AC_MSG_CHECKING(for gl_matchc field in glob_t) + AC_EGREP_CPP(FOUNDIT, +- [ +- #include <glob.h> ++ [ ++ #include <glob.h> + int main(void){glob_t g; g.gl_matchc = 1;} +- ], +- [ +- AC_DEFINE(GLOB_HAS_GL_MATCHC) +- AC_MSG_RESULT(yes) +- ], +- [ +- AC_MSG_RESULT(no) +- ] ++ ], ++ [ ++ AC_DEFINE(GLOB_HAS_GL_MATCHC) ++ AC_MSG_RESULT(yes) ++ ], ++ [ ++ AC_MSG_RESULT(no) ++ ] + ) + +-AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) +-AC_TRY_RUN( +- [ +-#include <sys/types.h> +-#include <dirent.h> +-int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} +- ], +- [AC_MSG_RESULT(yes)], +- [ +- AC_MSG_RESULT(no) +- AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) +- ] +-) ++AC_CACHE_CHECK([whether struct dirent allocates space for d_name], ac_cv_have_space_d_name_in_struct_dirent, [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ ++ #include <sys/types.h> ++ #include <dirent.h> ++ int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} ++ ]])],[ac_cv_have_space_d_name_in_struct_dirent="yes"],[ac_cv_have_space_d_name_in_struct_dirent="no" ++ ],[]) ++]) ++ ++if test "x$ac_cv_dirent_have_space_d_name" = "xyes" ; then ++ AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) ++fi + + # Check whether user wants S/Key support +-SKEY_MSG="no" ++SKEY_MSG="no" + AC_ARG_WITH(skey, + [ --with-skey[[=PATH]] Enable S/Key support +- (optionally in PATH)], ++ (optionally in PATH)], + [ + if test "x$withval" != "xno" ; then + +@@ -714,20 +699,17 @@ + + AC_DEFINE(SKEY) + LIBS="-lskey $LIBS" +- SKEY_MSG="yes" ++ SKEY_MSG="yes" + + AC_MSG_CHECKING([for s/key support]) +- AC_TRY_RUN( +- [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + #include <skey.h> + int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } +- ], +- [AC_MSG_RESULT(yes)], +- [ ++ ]])],[AC_MSG_RESULT(yes)],[ + AC_MSG_RESULT(no) + AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) +- ]) ++ ],[]) + fi + ] + ) +@@ -736,7 +718,7 @@ + TCPW_MSG="no" + AC_ARG_WITH(tcp-wrappers, + [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support +- (optionally in PATH)], ++ (optionally in PATH)], + [ + if test "x$withval" != "xno" ; then + saved_LIBS="$LIBS" +@@ -765,22 +747,18 @@ + LIBWRAP="-lwrap" + LIBS="$LIBWRAP $LIBS" + AC_MSG_CHECKING(for libwrap) +- AC_TRY_LINK( +- [ ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ + #include <tcpd.h> + int deny_severity = 0, allow_severity = 0; +- ], +- [hosts_access(0);], +- [ ++ ]], [[hosts_access(0);]])],[ + AC_MSG_RESULT(yes) + AC_DEFINE(LIBWRAP) + AC_SUBST(LIBWRAP) + TCPW_MSG="yes" +- ], +- [ ++ ],[ + AC_MSG_ERROR([*** libwrap missing]) +- ] +- ) ++ ++ ]) + LIBS="$saved_LIBS" + fi + ] +@@ -805,17 +783,17 @@ + # IRIX has a const char return value for gai_strerror() + AC_CHECK_FUNCS(gai_strerror,[ + AC_DEFINE(HAVE_GAI_STRERROR) +- AC_TRY_COMPILE([ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> + #include <netdb.h> + +-const char *gai_strerror(int);],[ ++const char *gai_strerror(int);]], [[ + char *str; + +-str = gai_strerror(0);],[ ++str = gai_strerror(0);]])],[ + AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, +- [Define if gai_strerror() returns const char *])])]) ++ [Define if gai_strerror() returns const char *])],[])]) + + AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) + +@@ -826,36 +804,32 @@ + dnl tcsendbreak might be a macro + AC_CHECK_DECL(tcsendbreak, + [AC_DEFINE(HAVE_TCSENDBREAK)], +- [AC_CHECK_FUNCS(tcsendbreak)], ++ [AC_CHECK_FUNCS(tcsendbreak)], + [#include <termios.h>] + ) + + AC_CHECK_FUNCS(setresuid, [ + dnl Some platorms have setresuid that isn't implemented, test for this + AC_MSG_CHECKING(if setresuid seems to work) +- AC_TRY_RUN([ ++ AC_LINK_IFELSE([AC_LANG_SOURCE([[ + #include <stdlib.h> + #include <errno.h> + int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} +- ], +- [AC_MSG_RESULT(yes)], +- [AC_DEFINE(BROKEN_SETRESUID) +- AC_MSG_RESULT(not implemented)] +- ) ++ ]])],[AC_MSG_RESULT(yes)],[AC_DEFINE(BROKEN_SETRESUID) ++ AC_MSG_RESULT(not implemented) ++ ],[]) + ]) + + AC_CHECK_FUNCS(setresgid, [ + dnl Some platorms have setresgid that isn't implemented, test for this + AC_MSG_CHECKING(if setresgid seems to work) +- AC_TRY_RUN([ ++ AC_LINK_IFELSE([AC_LANG_SOURCE([[ + #include <stdlib.h> + #include <errno.h> + int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} +- ], +- [AC_MSG_RESULT(yes)], +- [AC_DEFINE(BROKEN_SETRESGID) +- AC_MSG_RESULT(not implemented)] +- ) ++ ]])],[AC_MSG_RESULT(yes)],[AC_DEFINE(BROKEN_SETRESGID) ++ AC_MSG_RESULT(not implemented) ++ ],[]) + ]) + + dnl Checks for time functions +@@ -867,64 +841,59 @@ + AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) + AC_CHECK_FUNCS(setutxent utmpxname) + +-AC_CHECK_FUNC(daemon, ++AC_CHECK_FUNC(daemon, + [AC_DEFINE(HAVE_DAEMON)], + [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] + ) + +-AC_CHECK_FUNC(getpagesize, ++AC_CHECK_FUNC(getpagesize, + [AC_DEFINE(HAVE_GETPAGESIZE)], + [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] + ) + + # Check for broken snprintf + if test "x$ac_cv_func_snprintf" = "xyes" ; then +- AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) +- AC_TRY_RUN( +- [ ++AC_CACHE_CHECK([whether snprintf correctly terminates long strings], ++ ac_cv_have_broken_snprintf, [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} +- ], +- [AC_MSG_RESULT(yes)], +- [ +- AC_MSG_RESULT(no) +- AC_DEFINE(BROKEN_SNPRINTF) +- AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) +- ] +- ) ++ ]])],[ ac_cv_have_broken_snprintf="no" ],[ ac_cv_have_broken_snprintf="yes" ++ ],[]) ++]) ++if test "x$ac_cv_have_broken_snprintf" = "xyes" ; then ++ AC_DEFINE(BROKEN_SNPRINTF) ++ AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) ++fi + fi + + dnl see whether mkstemp() requires XXXXXX + if test "x$ac_cv_func_mkdtemp" = "xyes" ; then + AC_MSG_CHECKING([for (overly) strict mkstemp]) +-AC_TRY_RUN( +- [ ++AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdlib.h> + main() { char template[]="conftest.mkstemp-test"; + if (mkstemp(template) == -1) + exit(1); + unlink(template); exit(0); + } +- ], +- [ ++ ]])],[ + AC_MSG_RESULT(no) +- ], +- [ ++ ],[ + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_STRICT_MKSTEMP) +- ], +- [ ++ ],[ + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_STRICT_MKSTEMP) +- ] +-) ++ ++]) + fi + + dnl make sure that openpty does not reacquire controlling terminal + if test ! -z "$check_for_openpty_ctty_bug"; then +- AC_MSG_CHECKING(if openpty correctly handles controlling tty) +- AC_TRY_RUN( +- [ ++AC_CACHE_CHECK([if openpty acquires controlling terminal], ++ ac_cv_have_openpty_ctty_bug, [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + #include <sys/fcntl.h> + #include <sys/types.h> +@@ -941,7 +910,7 @@ + exit(1); + } else if (pid > 0) { /* parent */ + waitpid(pid, &status, 0); +- if (WIFEXITED(status)) ++ if (WIFEXITED(status)) + exit(WEXITSTATUS(status)); + else + exit(2); +@@ -956,15 +925,12 @@ + exit(0); /* Did not acquire ctty: OK */ + } + } +- ], +- [ +- AC_MSG_RESULT(yes) +- ], +- [ +- AC_MSG_RESULT(no) +- AC_DEFINE(SSHD_ACQUIRES_CTTY) +- ] +- ) ++ ]])],[ ac_cv_have_openpty_ctty_bug="no" ],[ ac_cv_have_openpty_ctty_bug="yes" ++ ],[]) ++]) ++if test "x$ac_cv_have_openpty_ctty_bug" = "xyes" ; then ++ AC_DEFINE(SSHD_ACQUIRES_CTTY) ++fi + fi + + AC_FUNC_GETPGRP +@@ -1002,23 +968,19 @@ + if test "x$PAM_MSG" = "xyes" ; then + # Check PAM strerror arguments (old PAM) + AC_MSG_CHECKING([whether pam_strerror takes only one argument]) +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <stdlib.h> + #if defined(HAVE_SECURITY_PAM_APPL_H) + #include <security/pam_appl.h> + #elif defined (HAVE_PAM_PAM_APPL_H) + #include <pam/pam_appl.h> + #endif +- ], +- [(void)pam_strerror((pam_handle_t *)NULL, -1);], +- [AC_MSG_RESULT(no)], +- [ ++ ]], [[(void)pam_strerror((pam_handle_t *)NULL, -1);]])],[AC_MSG_RESULT(no)],[ + AC_DEFINE(HAVE_OLD_PAM) + AC_MSG_RESULT(yes) + PAM_MSG="yes (old library)" +- ] +- ) ++ ++ ]) + fi + + # Search for OpenSSL +@@ -1069,87 +1031,87 @@ + + # Determine OpenSSL header version + AC_MSG_CHECKING([OpenSSL header version]) +-AC_TRY_RUN( +- [ ++AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + #include <string.h> + #include <openssl/opensslv.h> + #define DATA "conftest.sslincver" + int main(void) { +- FILE *fd; +- int rc; ++ FILE *fd; ++ int rc; + +- fd = fopen(DATA,"w"); +- if(fd == NULL) +- exit(1); ++ fd = fopen(DATA,"w"); ++ if(fd == NULL) ++ exit(1); + + if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) + exit(1); + + exit(0); + } +- ], +- [ ++ ]])],[ + ssl_header_ver=`cat conftest.sslincver` + AC_MSG_RESULT($ssl_header_ver) +- ], +- [ ++ ],[ + AC_MSG_RESULT(not found) + AC_MSG_ERROR(OpenSSL version header not found.) +- ] +-) ++ ],[ ++ AC_MSG_RESULT(unknown) ++ AC_MSG_WARN(Skipping OpenSSL header version check due to crosscompilation.) ++ ++]) + + # Determine OpenSSL library version + AC_MSG_CHECKING([OpenSSL library version]) +-AC_TRY_RUN( +- [ ++AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <stdio.h> + #include <string.h> + #include <openssl/opensslv.h> + #include <openssl/crypto.h> + #define DATA "conftest.ssllibver" + int main(void) { +- FILE *fd; +- int rc; ++ FILE *fd; ++ int rc; + +- fd = fopen(DATA,"w"); +- if(fd == NULL) +- exit(1); ++ fd = fopen(DATA,"w"); ++ if(fd == NULL) ++ exit(1); + + if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) + exit(1); + + exit(0); + } +- ], +- [ ++ ]])],[ + ssl_library_ver=`cat conftest.ssllibver` + AC_MSG_RESULT($ssl_library_ver) +- ], +- [ ++ ],[ + AC_MSG_RESULT(not found) + AC_MSG_ERROR(OpenSSL library not found.) +- ] +-) ++ ],[ ++ AC_MSG_RESULT(unknown) ++ AC_MSG_WARN(Skipping OpenSSL library version check due to crosscompilation.) ++ ++]) + + # Sanity check OpenSSL headers + AC_MSG_CHECKING([whether OpenSSL's headers match the library]) +-AC_TRY_RUN( +- [ ++AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <string.h> + #include <openssl/opensslv.h> + int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } +- ], +- [ ++ ]])],[ + AC_MSG_RESULT(yes) +- ], +- [ ++ ],[ + AC_MSG_RESULT(no) + AC_MSG_ERROR([Your OpenSSL headers do not match your library. + Check config.log for details. + Also see contrib/findssl.sh for help identifying header/library mismatches.]) +- ] +-) ++ ],[ ++ AC_MSG_RESULT(unknown) ++ AC_MSG_WARN(Skipping OpenSSL version comparison due to crosscompilation.) ++ ++]) + + # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, + # because the system crypt() is more featureful. +@@ -1157,42 +1119,20 @@ + AC_CHECK_LIB(crypt, crypt) + fi + +-# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the ++# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the + # version in OpenSSL. + if test "x$check_for_libcrypt_later" = "x1"; then + AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") + fi + +- + ### Configure cryptographic random number support + +-# Check wheter OpenSSL seeds itself +-AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) +-AC_TRY_RUN( +- [ +-#include <string.h> +-#include <openssl/rand.h> +-int main(void) { exit(RAND_status() == 1 ? 0 : 1); } +- ], +- [ +- OPENSSL_SEEDS_ITSELF=yes +- AC_MSG_RESULT(yes) +- ], +- [ +- AC_MSG_RESULT(no) +- # Default to use of the rand helper if OpenSSL doesn't +- # seed itself +- USE_RAND_HELPER=yes +- ] +-) +- +- + # Do we want to force the use of the rand helper? + AC_ARG_WITH(rand-helper, + [ --with-rand-helper Use subprocess to gather strong randomness ], + [ + if test "x$withval" = "xno" ; then +- # Force use of OpenSSL's internal RNG, even if ++ # Force use of OpenSSL's internal RNG, even if + # the previous test showed it to be unseeded. + if test -z "$OPENSSL_SEEDS_ITSELF" ; then + AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) +@@ -1203,6 +1143,24 @@ + USE_RAND_HELPER=yes + fi + ], ++ # Check whether OpenSSL seeds itself ++ [ ++ AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ ++ #include <string.h> ++ #include <openssl/rand.h> ++ int main(void) { exit(RAND_status() == 1 ? 0 : 1); } ++ ]])],[ ++ OPENSSL_SEEDS_ITSELF=yes ++ AC_MSG_RESULT(yes) ++ ],[ ++ AC_MSG_RESULT(no) ++ # Default to use of the rand helper if OpenSSL doesn't ++ # seed itself ++ USE_RAND_HELPER=yes ++ ++ ],[]) ++ ] + ) + + # Which randomness source do we use? +@@ -1329,7 +1287,7 @@ + test -d /usr/sbin && PATH=$PATH:/usr/sbin + PATH=$PATH:/etc:$OPATH + +-# These programs are used by the command hashing source to gather entropy ++# These programs are used by the command hashing source to gather entropy + OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) + OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) + OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) +@@ -1384,12 +1342,8 @@ + + # More checks for data types + AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ +- AC_TRY_COMPILE( +- [ #include <sys/types.h> ], +- [ u_int a; a = 1;], +- [ ac_cv_have_u_int="yes" ], +- [ ac_cv_have_u_int="no" ] +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], [[ u_int a; a = 1;]])],[ ac_cv_have_u_int="yes" ],[ ac_cv_have_u_int="no" ++ ]) + ]) + if test "x$ac_cv_have_u_int" = "xyes" ; then + AC_DEFINE(HAVE_U_INT) +@@ -1397,12 +1351,8 @@ + fi + + AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ +- AC_TRY_COMPILE( +- [ #include <sys/types.h> ], +- [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], +- [ ac_cv_have_intxx_t="yes" ], +- [ ac_cv_have_intxx_t="no" ] +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])],[ ac_cv_have_intxx_t="yes" ],[ ac_cv_have_intxx_t="no" ++ ]) + ]) + if test "x$ac_cv_have_intxx_t" = "xyes" ; then + AC_DEFINE(HAVE_INTXX_T) +@@ -1410,23 +1360,18 @@ + fi + + if (test -z "$have_intxx_t" && \ +- test "x$ac_cv_header_stdint_h" = "xyes") ++ test "x$ac_cv_header_stdint_h" = "xyes") + then + AC_MSG_CHECKING([for intXX_t types in stdint.h]) +- AC_TRY_COMPILE( +- [ #include <stdint.h> ], +- [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])],[ + AC_DEFINE(HAVE_INTXX_T) + AC_MSG_RESULT(yes) +- ], +- [ AC_MSG_RESULT(no) ] +- ) ++ ],[ AC_MSG_RESULT(no) ++ ]) + fi + + AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #ifdef HAVE_STDINT_H + # include <stdint.h> +@@ -1435,23 +1380,16 @@ + #ifdef HAVE_SYS_BITYPES_H + # include <sys/bitypes.h> + #endif +- ], +- [ int64_t a; a = 1;], +- [ ac_cv_have_int64_t="yes" ], +- [ ac_cv_have_int64_t="no" ] +- ) ++ ]], [[ int64_t a; a = 1;]])],[ ac_cv_have_int64_t="yes" ],[ ac_cv_have_int64_t="no" ++ ]) + ]) + if test "x$ac_cv_have_int64_t" = "xyes" ; then + AC_DEFINE(HAVE_INT64_T) + fi + + AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ +- AC_TRY_COMPILE( +- [ #include <sys/types.h> ], +- [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], +- [ ac_cv_have_u_intxx_t="yes" ], +- [ ac_cv_have_u_intxx_t="no" ] +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])],[ ac_cv_have_u_intxx_t="yes" ],[ ac_cv_have_u_intxx_t="no" ++ ]) + ]) + if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then + AC_DEFINE(HAVE_U_INTXX_T) +@@ -1460,24 +1398,16 @@ + + if test -z "$have_u_intxx_t" ; then + AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) +- AC_TRY_COMPILE( +- [ #include <sys/socket.h> ], +- [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/socket.h> ]], [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])],[ + AC_DEFINE(HAVE_U_INTXX_T) + AC_MSG_RESULT(yes) +- ], +- [ AC_MSG_RESULT(no) ] +- ) ++ ],[ AC_MSG_RESULT(no) ++ ]) + fi + + AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ +- AC_TRY_COMPILE( +- [ #include <sys/types.h> ], +- [ u_int64_t a; a = 1;], +- [ ac_cv_have_u_int64_t="yes" ], +- [ ac_cv_have_u_int64_t="no" ] +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], [[ u_int64_t a; a = 1;]])],[ ac_cv_have_u_int64_t="yes" ],[ ac_cv_have_u_int64_t="no" ++ ]) + ]) + if test "x$ac_cv_have_u_int64_t" = "xyes" ; then + AC_DEFINE(HAVE_U_INT64_T) +@@ -1486,27 +1416,19 @@ + + if test -z "$have_u_int64_t" ; then + AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) +- AC_TRY_COMPILE( +- [ #include <sys/bitypes.h> ], +- [ u_int64_t a; a = 1], +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/bitypes.h> ]], [[ u_int64_t a; a = 1]])],[ + AC_DEFINE(HAVE_U_INT64_T) + AC_MSG_RESULT(yes) +- ], +- [ AC_MSG_RESULT(no) ] +- ) ++ ],[ AC_MSG_RESULT(no) ++ ]) + fi + + if test -z "$have_u_intxx_t" ; then + AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], +- [ ac_cv_have_uintxx_t="yes" ], +- [ ac_cv_have_uintxx_t="no" ] +- ) ++ ]], [[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ]])],[ ac_cv_have_uintxx_t="yes" ],[ ac_cv_have_uintxx_t="no" ++ ]) + ]) + if test "x$ac_cv_have_uintxx_t" = "xyes" ; then + AC_DEFINE(HAVE_UINTXX_T) +@@ -1515,49 +1437,37 @@ + + if test -z "$have_uintxx_t" ; then + AC_MSG_CHECKING([for uintXX_t types in stdint.h]) +- AC_TRY_COMPILE( +- [ #include <stdint.h> ], +- [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], [[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;]])],[ + AC_DEFINE(HAVE_UINTXX_T) + AC_MSG_RESULT(yes) +- ], +- [ AC_MSG_RESULT(no) ] +- ) ++ ],[ AC_MSG_RESULT(no) ++ ]) + fi + + if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ +- test "x$ac_cv_header_sys_bitypes_h" = "xyes") ++ test "x$ac_cv_header_sys_bitypes_h" = "xyes") + then + AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/bitypes.h> +- ], +- [ ++ ]], [[ + int8_t a; int16_t b; int32_t c; + u_int8_t e; u_int16_t f; u_int32_t g; + a = b = c = e = f = g = 1; +- ], +- [ ++ ]])],[ + AC_DEFINE(HAVE_U_INTXX_T) + AC_DEFINE(HAVE_INTXX_T) + AC_MSG_RESULT(yes) +- ], +- [AC_MSG_RESULT(no)] +- ) ++ ],[AC_MSG_RESULT(no) ++ ]) + fi + + + AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ u_char foo; foo = 125; ], +- [ ac_cv_have_u_char="yes" ], +- [ ac_cv_have_u_char="no" ] +- ) ++ ]], [[ u_char foo; foo = 125; ]])],[ ac_cv_have_u_char="yes" ],[ ac_cv_have_u_char="no" ++ ]) + ]) + if test "x$ac_cv_have_u_char" = "xyes" ; then + AC_DEFINE(HAVE_U_CHAR) +@@ -1568,95 +1478,66 @@ + AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) + + AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ size_t foo; foo = 1235; ], +- [ ac_cv_have_size_t="yes" ], +- [ ac_cv_have_size_t="no" ] +- ) ++ ]], [[ size_t foo; foo = 1235; ]])],[ ac_cv_have_size_t="yes" ],[ ac_cv_have_size_t="no" ++ ]) + ]) + if test "x$ac_cv_have_size_t" = "xyes" ; then + AC_DEFINE(HAVE_SIZE_T) + fi + + AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ ssize_t foo; foo = 1235; ], +- [ ac_cv_have_ssize_t="yes" ], +- [ ac_cv_have_ssize_t="no" ] +- ) ++ ]], [[ ssize_t foo; foo = 1235; ]])],[ ac_cv_have_ssize_t="yes" ],[ ac_cv_have_ssize_t="no" ++ ]) + ]) + if test "x$ac_cv_have_ssize_t" = "xyes" ; then + AC_DEFINE(HAVE_SSIZE_T) + fi + + AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <time.h> +- ], +- [ clock_t foo; foo = 1235; ], +- [ ac_cv_have_clock_t="yes" ], +- [ ac_cv_have_clock_t="no" ] +- ) ++ ]], [[ clock_t foo; foo = 1235; ]])],[ ac_cv_have_clock_t="yes" ],[ ac_cv_have_clock_t="no" ++ ]) + ]) + if test "x$ac_cv_have_clock_t" = "xyes" ; then + AC_DEFINE(HAVE_CLOCK_T) + fi + + AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> +- ], +- [ sa_family_t foo; foo = 1235; ], +- [ ac_cv_have_sa_family_t="yes" ], +- [ AC_TRY_COMPILE( +- [ ++ ]], [[ sa_family_t foo; foo = 1235; ]])],[ ac_cv_have_sa_family_t="yes" ],[ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> + #include <netinet/in.h> +- ], +- [ sa_family_t foo; foo = 1235; ], +- [ ac_cv_have_sa_family_t="yes" ], +- +- [ ac_cv_have_sa_family_t="no" ] +- )] +- ) ++ ]], [[ sa_family_t foo; foo = 1235; ]])],[ ac_cv_have_sa_family_t="yes" ],[ ac_cv_have_sa_family_t="no" ++ ]) ++ ]) + ]) + if test "x$ac_cv_have_sa_family_t" = "xyes" ; then + AC_DEFINE(HAVE_SA_FAMILY_T) + fi + + AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ pid_t foo; foo = 1235; ], +- [ ac_cv_have_pid_t="yes" ], +- [ ac_cv_have_pid_t="no" ] +- ) ++ ]], [[ pid_t foo; foo = 1235; ]])],[ ac_cv_have_pid_t="yes" ],[ ac_cv_have_pid_t="no" ++ ]) + ]) + if test "x$ac_cv_have_pid_t" = "xyes" ; then + AC_DEFINE(HAVE_PID_T) + fi + + AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> +- ], +- [ mode_t foo; foo = 1235; ], +- [ ac_cv_have_mode_t="yes" ], +- [ ac_cv_have_mode_t="no" ] +- ) ++ ]], [[ mode_t foo; foo = 1235; ]])],[ ac_cv_have_mode_t="yes" ],[ ac_cv_have_mode_t="no" ++ ]) + ]) + if test "x$ac_cv_have_mode_t" = "xyes" ; then + AC_DEFINE(HAVE_MODE_T) +@@ -1664,73 +1545,53 @@ + + + AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> +- ], +- [ struct sockaddr_storage s; ], +- [ ac_cv_have_struct_sockaddr_storage="yes" ], +- [ ac_cv_have_struct_sockaddr_storage="no" ] +- ) ++ ]], [[ struct sockaddr_storage s; ]])],[ ac_cv_have_struct_sockaddr_storage="yes" ],[ ac_cv_have_struct_sockaddr_storage="no" ++ ]) + ]) + if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then + AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE) + fi + + AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <netinet/in.h> +- ], +- [ struct sockaddr_in6 s; s.sin6_family = 0; ], +- [ ac_cv_have_struct_sockaddr_in6="yes" ], +- [ ac_cv_have_struct_sockaddr_in6="no" ] +- ) ++ ]], [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])],[ ac_cv_have_struct_sockaddr_in6="yes" ],[ ac_cv_have_struct_sockaddr_in6="no" ++ ]) + ]) + if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then + AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6) + fi + + AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <netinet/in.h> +- ], +- [ struct in6_addr s; s.s6_addr[0] = 0; ], +- [ ac_cv_have_struct_in6_addr="yes" ], +- [ ac_cv_have_struct_in6_addr="no" ] +- ) ++ ]], [[ struct in6_addr s; s.s6_addr[0] = 0; ]])],[ ac_cv_have_struct_in6_addr="yes" ],[ ac_cv_have_struct_in6_addr="no" ++ ]) + ]) + if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then + AC_DEFINE(HAVE_STRUCT_IN6_ADDR) + fi + + AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> + #include <netdb.h> +- ], +- [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], +- [ ac_cv_have_struct_addrinfo="yes" ], +- [ ac_cv_have_struct_addrinfo="no" ] +- ) ++ ]], [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])],[ ac_cv_have_struct_addrinfo="yes" ],[ ac_cv_have_struct_addrinfo="no" ++ ]) + ]) + if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then + AC_DEFINE(HAVE_STRUCT_ADDRINFO) + fi + + AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ +- AC_TRY_COMPILE( +- [ #include <sys/time.h> ], +- [ struct timeval tv; tv.tv_sec = 1;], +- [ ac_cv_have_struct_timeval="yes" ], +- [ ac_cv_have_struct_timeval="no" ] +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/time.h> ]], [[ struct timeval tv; tv.tv_sec = 1;]])],[ ac_cv_have_struct_timeval="yes" ],[ ac_cv_have_struct_timeval="no" ++ ]) + ]) + if test "x$ac_cv_have_struct_timeval" = "xyes" ; then + AC_DEFINE(HAVE_STRUCT_TIMEVAL) +@@ -1749,32 +1610,42 @@ + exit 1; + else + dnl test snprintf (broken on SCO w/gcc) +- AC_TRY_RUN( +- [ +-#include <stdio.h> +-#include <string.h> +-#ifdef HAVE_SNPRINTF +-main() +-{ +- char buf[50]; +- char expected_out[50]; +- int mazsize = 50 ; +-#if (SIZEOF_LONG_INT == 8) +- long int num = 0x7fffffffffffffff; +-#else +- long long num = 0x7fffffffffffffffll; +-#endif +- strcpy(expected_out, "9223372036854775807"); +- snprintf(buf, mazsize, "%lld", num); +- if(strcmp(buf, expected_out) != 0) +- exit(1); +- exit(0); +-} +-#else +-main() { exit(0); } +-#endif +- ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ] +- ) ++ if test "x$ac_cv_have_broken_snprintf" != "xyes" ; then ++# no need to test again if we already know its broken :) ++ AC_CACHE_CHECK([whether snprintf is broken], ++ ac_cv_have_broken_snprintf, [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ ++ #include <stdio.h> ++ #include <string.h> ++ #ifdef HAVE_SNPRINTF ++ main() ++ { ++ char buf[50]; ++ char expected_out[50]; ++ int mazsize = 50 ; ++ #if (SIZEOF_LONG_INT == 8) ++ long int num = 0x7fffffffffffffff; ++ #else ++ long long num = 0x7fffffffffffffffll; ++ #endif ++ strcpy(expected_out, "9223372036854775807"); ++ snprintf(buf, mazsize, "%lld", num); ++ if(strcmp(buf, expected_out) != 0) ++ exit(1); ++ exit(0); ++ } ++ #else ++ main() { exit(0); } ++ #endif ++ ]])],[ true ],[ ++ ac_cv_have_broken_snprintf="yes" ++ ++ ],[]) ++ ]) ++ if test "x$ac_cv_have_broken_snprintf" = "xyes" ; then ++ AC_DEFINE(BROKEN_SNPRINTF) ++ fi ++ fi + fi + + dnl Checks for structure members +@@ -1800,15 +1671,10 @@ + + AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], + ac_cv_have_ss_family_in_struct_ss, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> +- ], +- [ struct sockaddr_storage s; s.ss_family = 1; ], +- [ ac_cv_have_ss_family_in_struct_ss="yes" ], +- [ ac_cv_have_ss_family_in_struct_ss="no" ], +- ) ++ ]], [[ struct sockaddr_storage s; s.ss_family = 1; ]])],[ ac_cv_have_ss_family_in_struct_ss="yes" ],[ ac_cv_have_ss_family_in_struct_ss="no" ]) + ]) + if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then + AC_DEFINE(HAVE_SS_FAMILY_IN_SS) +@@ -1816,15 +1682,11 @@ + + AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], + ac_cv_have___ss_family_in_struct_ss, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <sys/socket.h> +- ], +- [ struct sockaddr_storage s; s.__ss_family = 1; ], +- [ ac_cv_have___ss_family_in_struct_ss="yes" ], +- [ ac_cv_have___ss_family_in_struct_ss="no" ] +- ) ++ ]], [[ struct sockaddr_storage s; s.__ss_family = 1; ]])],[ ac_cv_have___ss_family_in_struct_ss="yes" ],[ ac_cv_have___ss_family_in_struct_ss="no" ++ ]) + ]) + if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then + AC_DEFINE(HAVE___SS_FAMILY_IN_SS) +@@ -1832,14 +1694,10 @@ + + AC_CACHE_CHECK([for pw_class field in struct passwd], + ac_cv_have_pw_class_in_struct_passwd, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <pwd.h> +- ], +- [ struct passwd p; p.pw_class = 0; ], +- [ ac_cv_have_pw_class_in_struct_passwd="yes" ], +- [ ac_cv_have_pw_class_in_struct_passwd="no" ] +- ) ++ ]], [[ struct passwd p; p.pw_class = 0; ]])],[ ac_cv_have_pw_class_in_struct_passwd="yes" ],[ ac_cv_have_pw_class_in_struct_passwd="no" ++ ]) + ]) + if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then + AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD) +@@ -1847,14 +1705,10 @@ + + AC_CACHE_CHECK([for pw_expire field in struct passwd], + ac_cv_have_pw_expire_in_struct_passwd, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <pwd.h> +- ], +- [ struct passwd p; p.pw_expire = 0; ], +- [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], +- [ ac_cv_have_pw_expire_in_struct_passwd="no" ] +- ) ++ ]], [[ struct passwd p; p.pw_expire = 0; ]])],[ ac_cv_have_pw_expire_in_struct_passwd="yes" ],[ ac_cv_have_pw_expire_in_struct_passwd="no" ++ ]) + ]) + if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then + AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD) +@@ -1862,14 +1716,10 @@ + + AC_CACHE_CHECK([for pw_change field in struct passwd], + ac_cv_have_pw_change_in_struct_passwd, [ +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <pwd.h> +- ], +- [ struct passwd p; p.pw_change = 0; ], +- [ ac_cv_have_pw_change_in_struct_passwd="yes" ], +- [ ac_cv_have_pw_change_in_struct_passwd="no" ] +- ) ++ ]], [[ struct passwd p; p.pw_change = 0; ]])],[ ac_cv_have_pw_change_in_struct_passwd="yes" ],[ ac_cv_have_pw_change_in_struct_passwd="no" ++ ]) + ]) + if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then + AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) +@@ -1878,8 +1728,7 @@ + dnl make sure we're using the real structure members and not defines + AC_CACHE_CHECK([for msg_accrights field in struct msghdr], + ac_cv_have_accrights_in_msghdr, [ +- AC_TRY_RUN( +- [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <sys/types.h> + #include <sys/socket.h> + #include <sys/uio.h> +@@ -1891,10 +1740,8 @@ + m.msg_accrights = 0; + exit(0); + } +- ], +- [ ac_cv_have_accrights_in_msghdr="yes" ], +- [ ac_cv_have_accrights_in_msghdr="no" ] +- ) ++ ]])],[ ac_cv_have_accrights_in_msghdr="yes" ],[ ac_cv_have_accrights_in_msghdr="no" ++ ],[]) + ]) + if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then + AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) +@@ -1902,8 +1749,7 @@ + + AC_CACHE_CHECK([for msg_control field in struct msghdr], + ac_cv_have_control_in_msghdr, [ +- AC_TRY_RUN( +- [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include <sys/types.h> + #include <sys/socket.h> + #include <sys/uio.h> +@@ -1915,47 +1761,36 @@ + m.msg_control = 0; + exit(0); + } +- ], +- [ ac_cv_have_control_in_msghdr="yes" ], +- [ ac_cv_have_control_in_msghdr="no" ] +- ) ++ ]])],[ ac_cv_have_control_in_msghdr="yes" ],[ ac_cv_have_control_in_msghdr="no" ++ ],[]) + ]) + if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then + AC_DEFINE(HAVE_CONTROL_IN_MSGHDR) + fi + + AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ +- AC_TRY_LINK([], +- [ extern char *__progname; printf("%s", __progname); ], +- [ ac_cv_libc_defines___progname="yes" ], +- [ ac_cv_libc_defines___progname="no" ] +- ) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ extern char *__progname; printf("%s", __progname); ]])],[ ac_cv_libc_defines___progname="yes" ],[ ac_cv_libc_defines___progname="no" ++ ]) + ]) + if test "x$ac_cv_libc_defines___progname" = "xyes" ; then + AC_DEFINE(HAVE___PROGNAME) + fi + + AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ +- AC_TRY_LINK([ ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ + #include <stdio.h> +-], +- [ printf("%s", __FUNCTION__); ], +- [ ac_cv_cc_implements___FUNCTION__="yes" ], +- [ ac_cv_cc_implements___FUNCTION__="no" ] +- ) ++]], [[ printf("%s", __FUNCTION__); ]])],[ ac_cv_cc_implements___FUNCTION__="yes" ],[ ac_cv_cc_implements___FUNCTION__="no" ++ ]) + ]) + if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then + AC_DEFINE(HAVE___FUNCTION__) + fi + + AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ +- AC_TRY_LINK([ ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ + #include <stdio.h> +-], +- [ printf("%s", __func__); ], +- [ ac_cv_cc_implements___func__="yes" ], +- [ ac_cv_cc_implements___func__="no" ] +- ) ++]], [[ printf("%s", __func__); ]])],[ ac_cv_cc_implements___func__="yes" ],[ ac_cv_cc_implements___func__="no" ++ ]) + ]) + if test "x$ac_cv_cc_implements___func__" = "xyes" ; then + AC_DEFINE(HAVE___func__) +@@ -1963,25 +1798,18 @@ + + AC_CACHE_CHECK([whether getopt has optreset support], + ac_cv_have_getopt_optreset, [ +- AC_TRY_LINK( +- [ ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ + #include <getopt.h> +- ], +- [ extern int optreset; optreset = 0; ], +- [ ac_cv_have_getopt_optreset="yes" ], +- [ ac_cv_have_getopt_optreset="no" ] +- ) ++ ]], [[ extern int optreset; optreset = 0; ]])],[ ac_cv_have_getopt_optreset="yes" ],[ ac_cv_have_getopt_optreset="no" ++ ]) + ]) + if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then + AC_DEFINE(HAVE_GETOPT_OPTRESET) + fi + + AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ +- AC_TRY_LINK([], +- [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], +- [ ac_cv_libc_defines_sys_errlist="yes" ], +- [ ac_cv_libc_defines_sys_errlist="no" ] +- ) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);]])],[ ac_cv_libc_defines_sys_errlist="yes" ],[ ac_cv_libc_defines_sys_errlist="no" ++ ]) + ]) + if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then + AC_DEFINE(HAVE_SYS_ERRLIST) +@@ -1989,17 +1817,14 @@ + + + AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ +- AC_TRY_LINK([], +- [ extern int sys_nerr; printf("%i", sys_nerr);], +- [ ac_cv_libc_defines_sys_nerr="yes" ], +- [ ac_cv_libc_defines_sys_nerr="no" ] +- ) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ extern int sys_nerr; printf("%i", sys_nerr);]])],[ ac_cv_libc_defines_sys_nerr="yes" ],[ ac_cv_libc_defines_sys_nerr="no" ++ ]) + ]) + if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then + AC_DEFINE(HAVE_SYS_NERR) + fi + +-SCARD_MSG="no" ++SCARD_MSG="no" + # Check whether user wants sectok support + AC_ARG_WITH(sectok, + [ --with-sectok Enable smartcard support using libsectok], +@@ -2025,15 +1850,14 @@ + fi + AC_DEFINE(SMARTCARD) + AC_DEFINE(USE_SECTOK) +- SCARD_MSG="yes, using sectok" ++ SCARD_MSG="yes, using sectok" + fi + ] + ) + + # Check whether user wants OpenSC support + AC_ARG_WITH(opensc, +- AC_HELP_STRING([--with-opensc=PFX], +- [Enable smartcard support using OpenSC]), ++ AS_HELP_STRING(--with-opensc=PFX,Enable smartcard support using OpenSC), + opensc_config_prefix="$withval", opensc_config_prefix="") + if test x$opensc_config_prefix != x ; then + OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config +@@ -2045,36 +1869,36 @@ + LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" + AC_DEFINE(SMARTCARD) + AC_DEFINE(USE_OPENSC) +- SCARD_MSG="yes, using OpenSC" ++ SCARD_MSG="yes, using OpenSC" + fi + fi + + # Check libraries needed by DNS fingerprint support +-AC_SEARCH_LIBS(getrrsetbyname, resolv, +- [AC_DEFINE(HAVE_GETRRSETBYNAME)], +- [ +- # Needed by our getrrsetbyname() +- AC_SEARCH_LIBS(res_query, resolv) +- AC_SEARCH_LIBS(dn_expand, resolv) +- AC_CHECK_FUNCS(_getshort _getlong) +- AC_CHECK_MEMBER(HEADER.ad, +- [AC_DEFINE(HAVE_HEADER_AD)],, +- [#include <arpa/nameser.h>]) +- ]) ++ AC_SEARCH_LIBS(getrrsetbyname, resolv, ++ [AC_DEFINE(HAVE_GETRRSETBYNAME)], ++ [ ++ # Needed by our getrrsetbyname() ++ AC_SEARCH_LIBS(res_query, resolv) ++ AC_SEARCH_LIBS(dn_expand, resolv) ++ AC_CHECK_FUNCS(_getshort _getlong) ++ AC_CHECK_MEMBER(HEADER.ad, ++ [AC_DEFINE(HAVE_HEADER_AD)],, ++ [#include <arpa/nameser.h>]) ++ ]) + + # Check whether user wants Kerberos 5 support +-KRB5_MSG="no" ++KRB5_MSG="no" + AC_ARG_WITH(kerberos5, +- [ --with-kerberos5=PATH Enable Kerberos 5 support], ++ [ --with-kerberos5=PATH Enable Kerberos 5 support], + [ if test "x$withval" != "xno" ; then +- if test "x$withval" = "xyes" ; then +- KRB5ROOT="/usr/local" +- else +- KRB5ROOT=${withval} +- fi ++ if test "x$withval" = "xyes" ; then ++ KRB5ROOT="/usr/local" ++ else ++ KRB5ROOT=${withval} ++ fi + +- AC_DEFINE(KRB5) +- KRB5_MSG="yes" ++ AC_DEFINE(KRB5) ++ KRB5_MSG="yes" + + AC_MSG_CHECKING(for krb5-config) + if test -x $KRB5ROOT/bin/krb5-config ; then +@@ -2094,27 +1918,21 @@ + K5LIBS="`$KRB5CONF --libs $k5confopts`" + CPPFLAGS="$CPPFLAGS $K5CFLAGS" + AC_MSG_CHECKING(whether we are using Heimdal) +- AC_TRY_COMPILE([ #include <krb5.h> ], +- [ char *tmp = heimdal_version; ], +- [ AC_MSG_RESULT(yes) +- AC_DEFINE(HEIMDAL) ], +- AC_MSG_RESULT(no) +- ) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> ]], [[ char *tmp = heimdal_version; ]])],[ AC_MSG_RESULT(yes) ++ AC_DEFINE(HEIMDAL) ],[AC_MSG_RESULT(no) ++ ]) + else + AC_MSG_RESULT(no) + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" + LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" +- AC_MSG_CHECKING(whether we are using Heimdal) +- AC_TRY_COMPILE([ #include <krb5.h> ], +- [ char *tmp = heimdal_version; ], +- [ AC_MSG_RESULT(yes) +- AC_DEFINE(HEIMDAL) +- K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" +- ], +- [ AC_MSG_RESULT(no) +- K5LIBS="-lkrb5 -lk5crypto -lcom_err" +- ] +- ) ++ AC_MSG_CHECKING(whether we are using Heimdal) ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> ]], [[ char *tmp = heimdal_version; ]])],[ AC_MSG_RESULT(yes) ++ AC_DEFINE(HEIMDAL) ++ K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" ++ ],[ AC_MSG_RESULT(no) ++ K5LIBS="-lkrb5 -lk5crypto -lcom_err" ++ ++ ]) + AC_SEARCH_LIBS(dn_expand, resolv) + + AC_CHECK_LIB(gssapi,gss_init_sec_context, +@@ -2122,7 +1940,7 @@ + K5LIBS="-lgssapi $K5LIBS" ], + [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, + [ AC_DEFINE(GSSAPI) +- K5LIBS="-lgssapi_krb5 $K5LIBS" ], ++ K5LIBS="-lgssapi_krb5 $K5LIBS" ], + AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), + $K5LIBS) + ], +@@ -2130,10 +1948,10 @@ + + AC_CHECK_HEADER(gssapi.h, , + [ unset ac_cv_header_gssapi_h +- CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" ++ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" + AC_CHECK_HEADERS(gssapi.h, , + AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) +- ) ++ ) + ] + ) + +@@ -2142,7 +1960,7 @@ + AC_CHECK_HEADER(gssapi_krb5.h, , + [ CPPFLAGS="$oldCPP" ]) + +- fi ++ fi + if test ! -z "$need_dash_r" ; then + LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" + fi +@@ -2157,7 +1975,7 @@ + + LIBS="$LIBS $K5LIBS" + AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) +- ] ++ ] + ) + + # Looking for programs, paths and files +@@ -2221,7 +2039,7 @@ + + if test -z "$no_dev_ptmx" ; then + if test "x$disable_ptmx_check" != "xyes" ; then +- AC_CHECK_FILE("/dev/ptmx", ++ AC_CHECK_FILE("/dev/ptmx", + [ + AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) + have_dev_ptmx=1 +@@ -2229,13 +2047,14 @@ + ) + fi + fi +-AC_CHECK_FILE("/dev/ptc", ++if test "$cross_compiling" != yes; then ++AC_CHECK_FILE("/dev/ptc", + [ + AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) + have_dev_ptc=1 + ] + ) +- ++fi + # Options from here on. Some of these are preset by platform above + AC_ARG_WITH(mantype, + [ --with-mantype=man|cat|doc Set man page type], +@@ -2270,13 +2089,13 @@ + AC_SUBST(mansubdir) + + # Check whether to enable MD5 passwords +-MD5_MSG="no" ++MD5_MSG="no" + AC_ARG_WITH(md5-passwords, + [ --with-md5-passwords Enable use of MD5 passwords], + [ + if test "x$withval" != "xno" ; then + AC_DEFINE(HAVE_MD5_PASSWORDS) +- MD5_MSG="yes" ++ MD5_MSG="yes" + fi + ] + ) +@@ -2294,14 +2113,12 @@ + + if test -z "$disable_shadow" ; then + AC_MSG_CHECKING([if the systems has expire shadow information]) +- AC_TRY_COMPILE( +- [ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <shadow.h> + struct spwd sp; +- ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], +- [ sp_expire_available=yes ], [] +- ) ++ ]], [[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ]])],[ sp_expire_available=yes ],[ ++ ]) + + if test "x$sp_expire_available" = "xyes" ; then + AC_MSG_RESULT(yes) +@@ -2316,13 +2133,13 @@ + DISPLAY_HACK_MSG="yes" + AC_DEFINE(IPADDR_IN_DISPLAY) + else +- DISPLAY_HACK_MSG="no" ++ DISPLAY_HACK_MSG="no" + AC_ARG_WITH(ipaddr-display, + [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], + [ + if test "x$withval" != "xno" ; then + AC_DEFINE(IPADDR_IN_DISPLAY) +- DISPLAY_HACK_MSG="yes" ++ DISPLAY_HACK_MSG="yes" + fi + ] + ) +@@ -2332,7 +2149,9 @@ + AC_ARG_ENABLE(etc-default-login, + [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],, + [ ++if test "x$cross_compiling" != "xyes"; then + AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) ++fi + + if test "x$external_path_file" = "x/etc/default/login"; then + AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) +@@ -2346,7 +2165,7 @@ + fi + + # Whether to mess with the default path +-SERVER_PATH_MSG="(default)" ++SERVER_PATH_MSG="(default)" + AC_ARG_WITH(default-path, + [ --with-default-path= Specify default \$PATH environment for server], + [ +@@ -2361,7 +2180,7 @@ + $external_path_file .]) + fi + user_path="$withval" +- SERVER_PATH_MSG="$withval" ++ SERVER_PATH_MSG="$withval" + fi + ], + [ if test "x$external_path_file" = "x/etc/login.conf" ; then +@@ -2372,8 +2191,7 @@ + If PATH is defined in $external_path_file, ensure the path to scp is included, + otherwise scp will not work.]) + fi +- AC_TRY_RUN( +- [ ++ AC_RUN_IFELSE([AC_LANG_SOURCE([[ + /* find out what STDPATH is */ + #include <stdio.h> + #ifdef HAVE_PATHS_H +@@ -2405,10 +2223,8 @@ + + exit(0); + } +- ], [ user_path=`cat conftest.stdpath` ], +- [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], +- [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] +- ) ++ ]])],[ user_path=`cat conftest.stdpath` ],[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ++ ]) + # make sure $bindir is in USER_PATH so scp will work + t_bindir=`eval echo ${bindir}` + case $t_bindir in +@@ -2445,14 +2261,14 @@ + + + AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) +-IPV4_IN6_HACK_MSG="no" ++IPV4_IN6_HACK_MSG="no" + AC_ARG_WITH(4in6, + [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], + [ + if test "x$withval" != "xno" ; then + AC_MSG_RESULT(yes) + AC_DEFINE(IPV4_IN_IPV6) +- IPV4_IN6_HACK_MSG="yes" ++ IPV4_IN6_HACK_MSG="yes" + else + AC_MSG_RESULT(no) + fi +@@ -2460,7 +2276,7 @@ + if test "x$inet6_default_4in6" = "xyes"; then + AC_MSG_RESULT([yes (default)]) + AC_DEFINE(IPV4_IN_IPV6) +- IPV4_IN6_HACK_MSG="yes" ++ IPV4_IN6_HACK_MSG="yes" + else + AC_MSG_RESULT([no (default)]) + fi +@@ -2485,7 +2301,7 @@ + if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in +- NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; ++ NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac + fi + +@@ -2557,7 +2373,7 @@ + [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], + [ + if test "x$enableval" = "xno" ; then +- AC_DEFINE(DISABLE_PUTUTLINE) ++ AC_DEFINE(DISABLE_PUTUTLINE) + fi + ] + ) +@@ -2588,7 +2404,7 @@ + dnl lastlog detection + dnl NOTE: the code itself will detect if lastlog is a directory + AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) +-AC_TRY_COMPILE([ ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_LASTLOG_H +@@ -2600,13 +2416,10 @@ + #ifdef HAVE_LOGIN_H + # include <login.h> + #endif +- ], +- [ char *lastlog = LASTLOG_FILE; ], +- [ AC_MSG_RESULT(yes) ], +- [ ++ ]], [[ char *lastlog = LASTLOG_FILE; ]])],[ AC_MSG_RESULT(yes) ],[ + AC_MSG_RESULT(no) + AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) +- AC_TRY_COMPILE([ ++ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_LASTLOG_H +@@ -2615,15 +2428,12 @@ + #ifdef HAVE_PATHS_H + # include <paths.h> + #endif +- ], +- [ char *lastlog = _PATH_LASTLOG; ], +- [ AC_MSG_RESULT(yes) ], +- [ ++ ]], [[ char *lastlog = _PATH_LASTLOG; ]])],[ AC_MSG_RESULT(yes) ],[ + AC_MSG_RESULT(no) + system_lastlog_path=no + ]) +- ] +-) ++ ++]) + + if test -z "$conf_lastlog_location"; then + if test x"$system_lastlog_path" = x"no" ; then +@@ -2645,18 +2455,15 @@ + + dnl utmp detection + AC_MSG_CHECKING([if your system defines UTMP_FILE]) +-AC_TRY_COMPILE([ ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_PATHS_H + # include <paths.h> + #endif +- ], +- [ char *utmp = UTMP_FILE; ], +- [ AC_MSG_RESULT(yes) ], +- [ AC_MSG_RESULT(no) +- system_utmp_path=no ] +-) ++ ]], [[ char *utmp = UTMP_FILE; ]])],[ AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) ++ system_utmp_path=no ++]) + if test -z "$conf_utmp_location"; then + if test x"$system_utmp_path" = x"no" ; then + for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do +@@ -2675,18 +2482,15 @@ + + dnl wtmp detection + AC_MSG_CHECKING([if your system defines WTMP_FILE]) +-AC_TRY_COMPILE([ ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_PATHS_H + # include <paths.h> + #endif +- ], +- [ char *wtmp = WTMP_FILE; ], +- [ AC_MSG_RESULT(yes) ], +- [ AC_MSG_RESULT(no) +- system_wtmp_path=no ] +-) ++ ]], [[ char *wtmp = WTMP_FILE; ]])],[ AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) ++ system_wtmp_path=no ++]) + if test -z "$conf_wtmp_location"; then + if test x"$system_wtmp_path" = x"no" ; then + for f in /usr/adm/wtmp /var/log/wtmp; do +@@ -2708,7 +2512,7 @@ + dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out + dnl there, though. + AC_MSG_CHECKING([if your system defines UTMPX_FILE]) +-AC_TRY_COMPILE([ ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_UTMPX_H +@@ -2717,12 +2521,9 @@ + #ifdef HAVE_PATHS_H + # include <paths.h> + #endif +- ], +- [ char *utmpx = UTMPX_FILE; ], +- [ AC_MSG_RESULT(yes) ], +- [ AC_MSG_RESULT(no) +- system_utmpx_path=no ] +-) ++ ]], [[ char *utmpx = UTMPX_FILE; ]])],[ AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) ++ system_utmpx_path=no ++]) + if test -z "$conf_utmpx_location"; then + if test x"$system_utmpx_path" = x"no" ; then + AC_DEFINE(DISABLE_UTMPX) +@@ -2733,7 +2534,7 @@ + + dnl wtmpx detection + AC_MSG_CHECKING([if your system defines WTMPX_FILE]) +-AC_TRY_COMPILE([ ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <sys/types.h> + #include <utmp.h> + #ifdef HAVE_UTMPX_H +@@ -2742,12 +2543,9 @@ + #ifdef HAVE_PATHS_H + # include <paths.h> + #endif +- ], +- [ char *wtmpx = WTMPX_FILE; ], +- [ AC_MSG_RESULT(yes) ], +- [ AC_MSG_RESULT(no) +- system_wtmpx_path=no ] +-) ++ ]], [[ char *wtmpx = WTMPX_FILE; ]])],[ AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) ++ system_wtmpx_path=no ++]) + if test -z "$conf_wtmpx_location"; then + if test x"$system_wtmpx_path" = x"no" ; then + AC_DEFINE(DISABLE_WTMPX) +@@ -2839,7 +2637,7 @@ + if test "x$PAM_MSG" = "xyes" ; then + echo "PAM is enabled. You may need to install a PAM control file " + echo "for sshd, otherwise password authentication may fail. " +- echo "Example PAM control files can be found in the contrib/ " ++ echo "Example PAM control files can be found in the contrib/ " + echo "subdirectory" + echo "" + fi diff --git a/openssh/openssh-3.8p1/scp-nossl.patch b/openssh/openssh-3.8p1/scp-nossl.patch index e69de29bb2..222a52ff8a 100644 --- a/openssh/openssh-3.8p1/scp-nossl.patch +++ b/openssh/openssh-3.8p1/scp-nossl.patch @@ -0,0 +1,24 @@ + +# +# Made by http://www.mn-logistik.de/unsupported/pxa250/patcher +# + +--- openssh-3.6.1p2/Makefile.in~scp-nossl ++++ openssh-3.6.1p2/Makefile.in +@@ -43,6 +43,7 @@ + CFLAGS=@CFLAGS@ + CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ + LIBS=@LIBS@ ++SCP_LIBS= + LIBPAM=@LIBPAM@ + LIBWRAP=@LIBWRAP@ + AR=@AR@ +@@ -134,7 +135,7 @@ + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) + + scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o +- $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(SCP_LIBS) + + ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o + $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |