-/* config.h.in. Generated automatically from configure.in by autoheader. */
+/* config.h.in. Generated from configure.in by autoheader. */
#ifndef _SUDO_CONFIG_H
#define _SUDO_CONFIG_H
/* Define if you want insults culled from the twisted minds of CSOps. */
#undef CSOPS_INSULTS
-/* Define if using `alloca.c'. */
+/* Define to 1 if using `alloca.c'. */
#undef C_ALLOCA
/* Define if you want sudo to display "command not allowed" instead of
/* Define if you use AFS. */
#undef HAVE_AFS
-/* Define if you have `alloca', as a function or macro. */
+/* Define to 1 if you have `alloca', as a function or macro. */
#undef HAVE_ALLOCA
-/* Define if you have <alloca.h> and it should be used (not on Ultrix). */
+/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
+ */
#undef HAVE_ALLOCA_H
-/* Define if you have the `asprintf' function. */
+/* Define to 1 if you have the `asprintf' function. */
#undef HAVE_ASPRINTF
/* Define if you use AIX general authentication. */
#undef HAVE_AUTHENTICATE
-/* Define if you have the `bigcrypt' function. */
+/* Define to 1 if you have the `bigcrypt' function. */
#undef HAVE_BIGCRYPT
/* Define if you use BSD authentication. */
/* Define if you use OSF DCE. */
#undef HAVE_DCE
-/* Define if you have the <dirent.h> header file, and it defines `DIR'. */
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+ */
#undef HAVE_DIRENT_H
-/* Define if you have the `dispcrypt' function. */
+/* Define to 1 if you have the `dispcrypt' function. */
#undef HAVE_DISPCRYPT
-/* Define if you have the `flock' function. */
+/* Define to 1 if you have the `flock' function. */
#undef HAVE_FLOCK
/* Define if you have the `fnmatch' function. */
#undef HAVE_FNMATCH
-/* Define if you have the `freeifaddrs' function. */
+/* Define to 1 if you have the `freeifaddrs' function. */
#undef HAVE_FREEIFADDRS
-/* Define if you have the `fstat' function. */
+/* Define to 1 if you have the `fstat' function. */
#undef HAVE_FSTAT
/* Define if you use the FWTK authsrv daemon. */
*/
#undef HAVE_GETAUTHUID
-/* Define if you have the `getcwd' function. */
+/* Define to 1 if you have the `getcwd' function. */
#undef HAVE_GETCWD
-/* Define if you have the `getdomainname' function. */
+/* Define to 1 if you have the `getdomainname' function. */
#undef HAVE_GETDOMAINNAME
-/* Define if you have the `getifaddrs' function. */
+/* Define to 1 if you have the `getifaddrs' function. */
#undef HAVE_GETIFADDRS
/* Define if you have the `getprpwnam' function. (SecureWare-style shadow
passwords) */
#undef HAVE_GETSPWUID
-/* Define if you have the `initgroups' function. */
+/* Define to 1 if you have the `initgroups' function. */
#undef HAVE_INITGROUPS
-/* Define if you have the `initprivs' function. */
+/* Define to 1 if you have the `initprivs' function. */
#undef HAVE_INITPRIVS
-/* Define if you have the `innetgr' function. */
+/* Define to 1 if you have the `innetgr' function. */
#undef HAVE_INNETGR
-/* Define if you have the <inttypes.h> header file. */
+/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define if you have isblank(3). */
/* Define if you use Kerberos V. */
#undef HAVE_KERB5
-/* Define if you have the `lockf' function. */
+/* Define to 1 if you have the `lockf' function. */
#undef HAVE_LOCKF
-/* Define if you have the <login_cap.h> header file. */
+/* Define to 1 if you have the <login_cap.h> header file. */
#undef HAVE_LOGIN_CAP_H
/* Define if your compiler supports the "long long" type. */
#undef HAVE_LONG_LONG
-/* Define if you have the `lsearch' function. */
+/* Define to 1 if you have the `lsearch' function. */
#undef HAVE_LSEARCH
-/* Define if you have the <malloc.h> header file. */
+/* Define to 1 if you have the <malloc.h> header file. */
#undef HAVE_MALLOC_H
-/* Define if you have the `memchr' function. */
+/* Define to 1 if you have the `memchr' function. */
#undef HAVE_MEMCHR
-/* Define if you have the `memcpy' function. */
+/* Define to 1 if you have the `memcpy' function. */
#undef HAVE_MEMCPY
-/* Define if you have the <memory.h> header file. */
+/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
-/* Define if you have the `memset' function. */
+/* Define to 1 if you have the `memset' function. */
#undef HAVE_MEMSET
-/* Define if you have the <ndir.h> header file, and it defines `DIR'. */
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
#undef HAVE_NDIR_H
-/* Define if you have the <netgroup.h> header file. */
+/* Define to 1 if you have the <netgroup.h> header file. */
#undef HAVE_NETGROUP_H
/* Define if you use NRL OPIE. */
/* Define if you use PAM. */
#undef HAVE_PAM
-/* Define if you have the <paths.h> header file. */
+/* Define
to 1 if you have the <paths.h> header file. */
#undef HAVE_PATHS_H
/* Define if your struct sockadr has an sa_len field. */
/* Define if you use SecurID. */
#undef HAVE_SECURID
-/* Define if you have the `setegid' function. */
-#undef HAVE_SETEGID
-
-/* Define if you have the `seteuid' function. */
-#undef HAVE_SETEUID
+/* Define to 1 if you have the `setresuid' function. */
+#undef HAVE_SETRESUID
-/* Define if you have the `setreuid' function. */
+/* Define to 1 if you have the `setreuid' function. */
#undef HAVE_SETREUID
-/* Define if you have the `setrlimit' function. */
+/* Define to 1 if you have the `setrlimit' function. */
#undef HAVE_SETRLIMIT
-/* Define if you have the `set_auth_parameters' function. */
+/* Define to 1 if you have the `set_auth_parameters' function. */
#undef HAVE_SET_AUTH_PARAMETERS
/* Define if you use SIA. */
#undef HAVE_SIA
-/* Define if you have the `sigaction' function. */
+/* Define to 1 if you have the `sigaction' function. */
#undef HAVE_SIGACTION
/* Define if <signal.h> has the sigaction_t typedef. */
#undef HAVE_SIGACTION_T
-/* Define if the system has the type `sig_atomic_t'. */
+/* Define to 1 if the system has the type `sig_atomic_t'. */
#undef HAVE_SIG_ATOMIC_T
/* Define if you use S/Key. */
/* Define if your S/Key library has skeyaccess(). */
#undef HAVE_SKEYACCESS
-/* Define if you have the `snprintf' function. */
+/* Define to 1 if you have the `snprintf' function. */
#undef HAVE_SNPRINTF
-/* Define if you have the <stdint.h> header file. */
+/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
-/* Define if you have the <stdlib.h> header file. */
+/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
-/* Define if you have the `strcasecmp' function. */
+/* Define to 1 if you have the `strcasecmp' function. */
#undef HAVE_STRCASECMP
-/* Define if you have the `strchr' function. */
+/* Define to 1 if you have the `strchr' function. */
#undef HAVE_STRCHR
-/* Define if you have the `strerror' function. */
+/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
-/* Define if you have the `strftime' function. */
+/* Define to 1 if you have the `strftime' function. */
#undef HAVE_STRFTIME
-/* Define if you have the <strings.h> header file. */
+/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
-/* Define if you have the <string.h> header file. */
+/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
-/* Define if you have the `strrchr' function. */
+/* Define to 1 if you have the `strrchr' function. */
#undef HAVE_STRRCHR
-/* Define if you have the `sysconf' function. */
+/* Define to 1 if you have the `sysconf' function. */
#undef HAVE_SYSCONF
-/* Define if you have the <sys/bsdtypes.h> header file. */
+/* Define to 1 if you have the <sys/bsdtypes.h> header file. */
#undef HAVE_SYS_BSDTYPES_H
-/* Define if you have the <sys/dir.h> header file, and it defines `DIR'. */
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+ */
#undef HAVE_SYS_DIR_H
-/* Define if you have the <sys/ndir.h> header file, and it defines `DIR'. */
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+ */
#undef HAVE_SYS_NDIR_H
-/* Define if you have the <sys/select.h> header file. */
+/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
-/* Define if you have the <sys/sockio.h> header file. */
+/* Define to 1 if you have the <sys/sockio.h> header file. */
#undef HAVE_SYS_SOCKIO_H
-/* Define if you have the <sys/stat.h> header file. */
+/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
-/* Define if you have the <sys/types.h> header file. */
+/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define if you have the <termios.h> header file and the `tcgetattr'
function. */
#undef HAVE_TERMIOS_H
-/* Define if you have the <termio.h> header file. */
+/* Define to 1 if you have the <termio.h> header file. */
#undef HAVE_TERMIO_H
-/* Define if you have the `tzset' function. */
+/* Define to 1 if you have the `tzset' function. */
#undef HAVE_TZSET
-/* Define if you have the <unistd.h> header file. */
+/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
-/* Define if you have the `utime' function. */
+/* Define to 1 if you have the `utime' function. */
#undef HAVE_UTIME
-/* Define if you have the <utime.h> header file. */
+/* Define to 1 if you have the <utime.h> header file. */
#undef HAVE_UTIME_H
/* Define if you have a POSIX utime() (uses struct utimbuf). */
#undef HAVE_UTIME_POSIX
-/* Define if you have the `vasprintf' function. */
+/* Define to 1 if you have the `vasprintf' function. */
#undef HAVE_VASPRINTF
-/* Define if you have the `vsnprintf' function. */
+/* Define to 1 if you have the `vsnprintf' function. */
#undef HAVE_VSNPRINTF
-/* Define if you have the `wait3' function. */
+/* Define to 1 if you have the `wait3' function. */
#undef HAVE_WAIT3
-/* Define if you have the `waitpid' function. */
+/* Define to 1 if you have the `waitpid' function. */
#undef HAVE_WAITPID
-/* Define if you have the `_innetgr' function. */
+/* Define to 1 if you have the `_innetgr' function. */
#undef HAVE__INNETGR
/* Define if you want the hostname to be entered into the log file. */
/* Define if you want sudo to start a shell if given no arguments. */
#undef SHELL_IF_NO_ARGS
-/* Define if you want sudo to set /home/millert in shell mode. */
+/* Define if you want sudo to set in shell mode. */
#undef SHELL_SETS_HOME
/* If using the C implementation of alloca, define if you know the
STACK_DIRECTION = 0 => direction of growth unknown */
#undef STACK_DIRECTION
-/* Define if you have the ANSI C header files. */
+/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define if the code in interfaces.c does not compile for you. */
# define _GNU_SOURCE 1
#endif
-/* Define if you need to in order for stat and other things to work. */
-#undef _POSIX_SOURCE
-
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
Do not require authentication by default
--disable-root-mailer Don't run the mailer as root, run as the user
--disable-setreuid Don't try to use the setreuid() function
+ --disable-setresuid Don't try to use the setresuid() function
--disable-saved-ids Don't try to use POSIX saved ids
--disable-shadow Never use shadow passwords
--disable-root-sudo Don't allow root to run sudo
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
with_passwd=no
- AUTH_OBJS="securid.o"
;;
esac
fi;
if test "${enable_setreuid+set}" = set; then
enableval="$enable_setreuid"
case "$enableval" in
- no) BROKEN_SETREUID=1
+ no) SKIP_SETREUID=yes
+ ;;
+ *) ;;
+ esac
+
+fi;
+
+# Check whether --enable-setresuid or --disable-setresuid was given.
+if test "${enable_setresuid+set}" = set; then
+ enableval="$enable_setresuid"
+ case "$enableval" in
+ no) SKIP_SETRESUID=yes
;;
*) ;;
esac
test -n "$mansectform" || mansectform=4
;;
*-*-bsdi*)
- BROKEN_SETREUID=yes
+ SKIP_SETREUID=yes
# Use shlicc for BSD/OS [23].x unless asked to do otherwise
if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
case "$OSREV" in
# backported to 2.0.5. We just take 2.1 and above...
case "`echo $host_os | sed 's/^freebsd\([0-9\.]*\).*$/\1/'`" in
0.*|1.*|2.0*)
- BROKEN_SETREUID=yes
+ SKIP_SETREUID=yes
;;
esac
if test "$with_logincap" = "yes"; then
fi
;;
*-*-*openbsd*)
- BROKEN_SETREUID=yes
+ SKIP_SETREUID=yes
if test "$CHECKSHADOW" = "true"; then
CHECKSHADOW="false"
fi
# NetBSD has a real setreuid(2) starting with 1.3.2
case "`echo $host_os | sed 's/^netbsd\([0-9\.]*\).*$/\1/'`" in
0.9*|1.012*|1.3|1.3.1)
- BROKEN_SETREUID=yes
+ SKIP_SETREUID=yes
;;
esac
if test "$CHECKSHADOW" = "true"; then
-
-
for ac_func in strchr strrchr memchr memcpy memset sysconf tzset \
- seteuid setegid strftime setrlimit initgroups fstat
+ strftime setrlimit initgroups fstat
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5
fi
done
-if test -z "$BROKEN_SETREUID"; then
+if test -z "$SKIP_SETRESUID"; then
+
+for ac_func in setresuid
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+ SKIP_SETREUID=yes
+fi
+done
+
+fi
+if test -z "$SKIP_SETREUID"; then
for ac_func in setreuid
do
if test -n "$with_SecurID" -a "$with_SecurID" != "no"; then
if test "$with_SecurID" != "yes"; then
- SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
- CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
- elif test -f /usr/ace/examples/sdiclient.a; then
- SUDO_LIBS="${SUDO_LIBS} /usr/ace/examples/sdiclient.a"
- CPPFLAGS="${CPPFLAGS} -I/usr/ace/examples"
+ :
+ elif test -d /usr/ace/examples; then
+ with_SecurID=/usr/ace/examples
else
- SUDO_LIBS="${SUDO_LIBS} /usr/ace/sdiclient.a"
- CPPFLAGS="${CPPFLAGS} -I/usr/ace"
+ with_SecurID=/usr/ace
fi
+ CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
+ _LDFLAGS="${LDFLAGS}"
+ LDFLAGS="${LDFLAGS} -L${with_SecurID}"
+ #
+ # Determine whether to use the new or old SecurID API
+ #
+ echo "$as_me:$LINENO: checking for SD_Init in -laceclnt" >&5
+echo $ECHO_N "checking for SD_Init in -laceclnt... $ECHO_C" >&6
+if test "${ac_cv_lib_aceclnt_SD_Init_lpthread+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-laceclnt -lpthread $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char SD_Init ();
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+SD_Init ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_lib_aceclnt_SD_Init_lpthread=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_lib_aceclnt_SD_Init_lpthread=no
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: $ac_cv_lib_aceclnt_SD_Init_lpthread" >&5
+echo "${ECHO_T}$ac_cv_lib_aceclnt_SD_Init_lpthread" >&6
+if test $ac_cv_lib_aceclnt_SD_Init_lpthread = yes; then
+ AUTH_OBJS="securid5.o"; SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"; SUDO_LDFLAGS="${SUDO_LDFLAGS} -L${with_SecurID}"
+else
+ AUTH_OBJS="securid.o"; SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
+fi
+
+ LDFLAGS="${_LDFLAGS}"
fi
if test "$with_fwtk" = "yes"; then
projects / sudo / commitdiff